package org.bouncycastle.jcajce.provider.keystore.bcfks;

import com.voghion.app.base.util.RSAUtils;
import defpackage.af2;
import defpackage.cf2;
import defpackage.eu2;
import defpackage.f92;
import defpackage.gc2;
import defpackage.hc2;
import defpackage.hj2;
import defpackage.hy2;
import defpackage.ic2;
import defpackage.ii2;
import defpackage.iy2;
import defpackage.jc2;
import defpackage.jy2;
import defpackage.k92;
import defpackage.ka3;
import defpackage.kc2;
import defpackage.kd2;
import defpackage.kg2;
import defpackage.kp2;
import defpackage.lc2;
import defpackage.mc2;
import defpackage.me2;
import defpackage.mw2;
import defpackage.nc2;
import defpackage.nd2;
import defpackage.np2;
import defpackage.nw2;
import defpackage.o92;
import defpackage.oc2;
import defpackage.pc2;
import defpackage.qc2;
import defpackage.qd2;
import defpackage.ql2;
import defpackage.rl2;
import defpackage.ry2;
import defpackage.sc2;
import defpackage.se2;
import defpackage.sw2;
import defpackage.td2;
import defpackage.te2;
import defpackage.ud2;
import defpackage.ue2;
import defpackage.uj2;
import defpackage.vd2;
import defpackage.wa2;
import defpackage.wg2;
import defpackage.xe2;
import defpackage.xi2;
import defpackage.xw2;
import defpackage.ya3;
import defpackage.ye2;
import defpackage.yw2;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAKey;
import java.security.interfaces.RSAKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.ParseException;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.bouncycastle.jcajce.BCFKSLoadStoreParameter;
import org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi;

/* loaded from: classes5.dex */
public class BcFKSKeyStoreSpi extends KeyStoreSpi {
    public static final BigInteger CERTIFICATE;
    public static final BigInteger PRIVATE_KEY;
    public static final BigInteger PROTECTED_PRIVATE_KEY;
    public static final BigInteger PROTECTED_SECRET_KEY;
    public static final BigInteger SECRET_KEY;
    public static final Map<String, o92> oidMap = new HashMap();
    public static final Map<o92, String> publicAlgMap = new HashMap();
    public Date creationDate;
    public final jy2 helper;
    public kg2 hmacAlgorithm;
    public ue2 hmacPkbdAlgorithm;
    public Date lastModifiedDate;
    public kg2 signatureAlgorithm;
    public BCFKSLoadStoreParameter.a validator;
    public PublicKey verificationKey;
    public final Map<String, jc2> entries = new HashMap();
    public final Map<String, PrivateKey> privateKeyCache = new HashMap();
    public o92 storeEncryptionAlgorithm = td2.P;

    /* loaded from: classes5.dex */
    public static class Def extends BcFKSKeyStoreSpi {
        public Def() {
            super(new iy2());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes5.dex */
    public static class DefShared extends SharedKeyStoreSpi {
        public DefShared() {
            super(new iy2());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes5.dex */
    public static class ExtKeyStoreException extends KeyStoreException {
        public final Throwable cause;

        public ExtKeyStoreException(String str, Throwable th) {
            super(str);
            this.cause = th;
        }

        @Override // java.lang.Throwable
        public Throwable getCause() {
            return this.cause;
        }
    }

    /* loaded from: classes5.dex */
    public static class SharedKeyStoreSpi extends BcFKSKeyStoreSpi implements af2, ii2 {
        public final Map<String, byte[]> cache;
        public final byte[] seedKey;

        public SharedKeyStoreSpi(jy2 jy2Var) {
            super(jy2Var);
            try {
                this.seedKey = new byte[32];
                jy2Var.a("DEFAULT").nextBytes(this.seedKey);
                this.cache = new HashMap();
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException("can't create random - " + e.toString());
            }
        }

        private byte[] calculateMac(String str, char[] cArr) throws NoSuchAlgorithmException, InvalidKeyException {
            return np2.b(cArr != null ? ka3.c(ya3.a(cArr), ya3.c(str)) : ka3.c(this.seedKey, ya3.c(str)), this.seedKey, 16384, 8, 1, 32);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineDeleteEntry(String str) throws KeyStoreException {
            throw new KeyStoreException("delete operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            try {
                byte[] calculateMac = calculateMac(str, cArr);
                if (!this.cache.containsKey(str) || ka3.d(this.cache.get(str), calculateMac)) {
                    Key engineGetKey = super.engineGetKey(str, cArr);
                    if (engineGetKey != null && !this.cache.containsKey(str)) {
                        this.cache.put(str, calculateMac);
                    }
                    return engineGetKey;
                }
                throw new UnrecoverableKeyException("unable to recover key (" + str + ")");
            } catch (InvalidKeyException e) {
                throw new UnrecoverableKeyException("unable to recover key (" + str + "): " + e.getMessage());
            }
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }
    }

    /* loaded from: classes5.dex */
    public static class Std extends BcFKSKeyStoreSpi {
        public Std() {
            super(new hy2());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes5.dex */
    public static class StdShared extends SharedKeyStoreSpi {
        public StdShared() {
            super(new hy2());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    static {
        oidMap.put("DESEDE", me2.e);
        oidMap.put("TRIPLEDES", me2.e);
        oidMap.put("TDEA", me2.e);
        oidMap.put("HMACSHA1", af2.H0);
        oidMap.put("HMACSHA224", af2.I0);
        oidMap.put("HMACSHA256", af2.J0);
        oidMap.put("HMACSHA384", af2.K0);
        oidMap.put("HMACSHA512", af2.L0);
        oidMap.put("SEED", kd2.a);
        oidMap.put("CAMELLIA.128", vd2.a);
        oidMap.put("CAMELLIA.192", vd2.b);
        oidMap.put("CAMELLIA.256", vd2.c);
        oidMap.put("ARIA.128", ud2.e);
        oidMap.put("ARIA.192", ud2.i);
        oidMap.put("ARIA.256", ud2.m);
        publicAlgMap.put(af2.I, RSAUtils.ENCRYPTION_PATTERN_RSA);
        publicAlgMap.put(xi2.Q1, "EC");
        publicAlgMap.put(me2.i, "DH");
        publicAlgMap.put(af2.p0, "DH");
        publicAlgMap.put(xi2.w2, "DSA");
        CERTIFICATE = BigInteger.valueOf(0L);
        PRIVATE_KEY = BigInteger.valueOf(1L);
        SECRET_KEY = BigInteger.valueOf(2L);
        PROTECTED_PRIVATE_KEY = BigInteger.valueOf(3L);
        PROTECTED_SECRET_KEY = BigInteger.valueOf(4L);
    }

    public BcFKSKeyStoreSpi(jy2 jy2Var) {
        this.helper = jy2Var;
    }

    private byte[] calculateMac(byte[] bArr, kg2 kg2Var, ue2 ue2Var, char[] cArr) throws NoSuchAlgorithmException, IOException, NoSuchProviderException {
        String j = kg2Var.e().j();
        Mac d = this.helper.d(j);
        try {
            if (cArr == null) {
                cArr = new char[0];
            }
            d.init(new SecretKeySpec(generateKey(ue2Var, "INTEGRITY_CHECK", cArr, -1), j));
            return d.doFinal(bArr);
        } catch (InvalidKeyException e) {
            throw new IOException("Cannot set up MAC calculation: " + e.getMessage());
        }
    }

    private Cipher createCipher(String str, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        Cipher c = this.helper.c(str);
        c.init(1, new SecretKeySpec(bArr, RSAUtils.ENCRYPTION_PATTERN_AES));
        return c;
    }

    private hc2 createPrivateKeySequence(se2 se2Var, Certificate[] certificateArr) throws CertificateEncodingException {
        wg2[] wg2VarArr = new wg2[certificateArr.length];
        for (int i = 0; i != certificateArr.length; i++) {
            wg2VarArr[i] = wg2.a(certificateArr[i].getEncoded());
        }
        return new hc2(se2Var, wg2VarArr);
    }

    private Certificate decodeCertificate(Object obj) {
        jy2 jy2Var = this.helper;
        if (jy2Var != null) {
            try {
                return jy2Var.e("X.509").generateCertificate(new ByteArrayInputStream(wg2.a(obj).getEncoded()));
            } catch (Exception unused) {
                return null;
            }
        }
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(wg2.a(obj).getEncoded()));
        } catch (Exception unused2) {
            return null;
        }
    }

    private byte[] decryptData(String str, kg2 kg2Var, char[] cArr, byte[] bArr) throws IOException {
        Cipher c;
        AlgorithmParameters algorithmParameters;
        if (!kg2Var.e().b(af2.x0)) {
            throw new IOException("BCFKS KeyStore cannot recognize protection algorithm.");
        }
        xe2 a = xe2.a(kg2Var.f());
        te2 e = a.e();
        try {
            if (e.e().b(td2.P)) {
                c = this.helper.c("AES/CCM/NoPadding");
                algorithmParameters = this.helper.f("CCM");
                algorithmParameters.init(sc2.a(e.f()).getEncoded());
            } else {
                if (!e.e().b(td2.Q)) {
                    throw new IOException("BCFKS KeyStore cannot recognize protection encryption algorithm.");
                }
                c = this.helper.c("AESKWP");
                algorithmParameters = null;
            }
            ue2 f = a.f();
            if (cArr == null) {
                cArr = new char[0];
            }
            c.init(2, new SecretKeySpec(generateKey(f, str, cArr, 32), RSAUtils.ENCRYPTION_PATTERN_AES), algorithmParameters);
            return c.doFinal(bArr);
        } catch (IOException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new IOException(e3.toString());
        }
    }

    private Date extractCreationDate(jc2 jc2Var, Date date) {
        try {
            return jc2Var.e().j();
        } catch (ParseException unused) {
            return date;
        }
    }

    private char[] extractPassword(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException {
        KeyStore.ProtectionParameter protectionParameter = loadStoreParameter.getProtectionParameter();
        if (protectionParameter == null) {
            return null;
        }
        if (protectionParameter instanceof KeyStore.PasswordProtection) {
            return ((KeyStore.PasswordProtection) protectionParameter).getPassword();
        }
        if (!(protectionParameter instanceof KeyStore.CallbackHandlerProtection)) {
            throw new IllegalArgumentException("no support for protection parameter of type " + protectionParameter.getClass().getName());
        }
        CallbackHandler callbackHandler = ((KeyStore.CallbackHandlerProtection) protectionParameter).getCallbackHandler();
        PasswordCallback passwordCallback = new PasswordCallback("password: ", false);
        try {
            callbackHandler.handle(new Callback[]{passwordCallback});
            return passwordCallback.getPassword();
        } catch (UnsupportedCallbackException e) {
            throw new IllegalArgumentException("PasswordCallback not recognised: " + e.getMessage(), e);
        }
    }

    private byte[] generateKey(ue2 ue2Var, String str, char[] cArr, int i) throws IOException {
        byte[] PKCS12PasswordToBytes = uj2.PKCS12PasswordToBytes(cArr);
        byte[] PKCS12PasswordToBytes2 = uj2.PKCS12PasswordToBytes(str.toCharArray());
        if (nd2.y.b(ue2Var.e())) {
            qd2 a = qd2.a(ue2Var.f());
            if (a.g() != null) {
                i = a.g().intValue();
            } else if (i == -1) {
                throw new IOException("no keyLength found in ScryptParams");
            }
            return np2.b(ka3.c(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), a.i(), a.f().intValue(), a.e().intValue(), a.e().intValue(), i);
        }
        if (!ue2Var.e().b(af2.y0)) {
            throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
        }
        ye2 a2 = ye2.a(ue2Var.f());
        if (a2.f() != null) {
            i = a2.f().intValue();
        } else if (i == -1) {
            throw new IOException("no keyLength found in PBKDF2Params");
        }
        if (a2.g().e().b(af2.L0)) {
            kp2 kp2Var = new kp2(new rl2());
            kp2Var.init(ka3.c(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), a2.h(), a2.e().intValue());
            return ((eu2) kp2Var.generateDerivedParameters(i * 8)).a();
        }
        if (a2.g().e().b(td2.r)) {
            kp2 kp2Var2 = new kp2(new ql2(512));
            kp2Var2.init(ka3.c(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), a2.h(), a2.e().intValue());
            return ((eu2) kp2Var2.generateDerivedParameters(i * 8)).a();
        }
        throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD PRF: " + a2.g().e());
    }

    private ue2 generatePkbdAlgorithmIdentifier(nw2 nw2Var, int i) {
        if (!nd2.y.b(nw2Var.a())) {
            mw2 mw2Var = (mw2) nw2Var;
            byte[] bArr = new byte[mw2Var.d()];
            getDefaultSecureRandom().nextBytes(bArr);
            return new ue2(af2.y0, new ye2(bArr, mw2Var.b(), i, mw2Var.c()));
        }
        sw2 sw2Var = (sw2) nw2Var;
        byte[] bArr2 = new byte[sw2Var.e()];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new ue2(nd2.y, new qd2(bArr2, sw2Var.c(), sw2Var.b(), sw2Var.d(), i));
    }

    private ue2 generatePkbdAlgorithmIdentifier(o92 o92Var, int i) {
        byte[] bArr = new byte[64];
        getDefaultSecureRandom().nextBytes(bArr);
        if (af2.y0.b(o92Var)) {
            return new ue2(af2.y0, new ye2(bArr, PKCS12KeyStoreSpi.MIN_ITERATIONS, i, new kg2(af2.L0, wa2.a)));
        }
        throw new IllegalStateException("unknown derivation algorithm: " + o92Var);
    }

    private ue2 generatePkbdAlgorithmIdentifier(ue2 ue2Var, int i) {
        boolean b = nd2.y.b(ue2Var.e());
        f92 f = ue2Var.f();
        if (b) {
            qd2 a = qd2.a(f);
            byte[] bArr = new byte[a.i().length];
            getDefaultSecureRandom().nextBytes(bArr);
            return new ue2(nd2.y, new qd2(bArr, a.f(), a.e(), a.h(), BigInteger.valueOf(i)));
        }
        ye2 a2 = ye2.a(f);
        byte[] bArr2 = new byte[a2.h().length];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new ue2(af2.y0, new ye2(bArr2, a2.e().intValue(), i, a2.g()));
    }

    private kg2 generateSignatureAlgId(Key key, BCFKSLoadStoreParameter.SignatureAlgorithm signatureAlgorithm) throws IOException {
        if (key == null) {
            return null;
        }
        if (key instanceof ry2) {
            if (signatureAlgorithm == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withECDSA) {
                return new kg2(xi2.V1);
            }
            if (signatureAlgorithm == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA3_512withECDSA) {
                return new kg2(td2.d0);
            }
        }
        if (key instanceof DSAKey) {
            if (signatureAlgorithm == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withDSA) {
                return new kg2(td2.V);
            }
            if (signatureAlgorithm == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA3_512withDSA) {
                return new kg2(td2.Z);
            }
        }
        if (key instanceof RSAKey) {
            if (signatureAlgorithm == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withRSA) {
                return new kg2(af2.k0, wa2.a);
            }
            if (signatureAlgorithm == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA3_512withRSA) {
                return new kg2(td2.h0, wa2.a);
            }
        }
        throw new IOException("unknown signature algorithm");
    }

    private SecureRandom getDefaultSecureRandom() {
        return hj2.a();
    }

    private gc2 getEncryptedObjectStoreData(kg2 kg2Var, char[] cArr) throws IOException, NoSuchAlgorithmException {
        jc2[] jc2VarArr = (jc2[]) this.entries.values().toArray(new jc2[this.entries.size()]);
        ue2 generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(this.hmacPkbdAlgorithm, 32);
        if (cArr == null) {
            cArr = new char[0];
        }
        byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "STORE_ENCRYPTION", cArr, 32);
        mc2 mc2Var = new mc2(kg2Var, this.creationDate, this.lastModifiedDate, new kc2(jc2VarArr), null);
        try {
            if (!this.storeEncryptionAlgorithm.b(td2.P)) {
                return new gc2(new kg2(af2.x0, new xe2(generatePkbdAlgorithmIdentifier, new te2(td2.Q))), createCipher("AESKWP", generateKey).doFinal(mc2Var.getEncoded()));
            }
            Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
            return new gc2(new kg2(af2.x0, new xe2(generatePkbdAlgorithmIdentifier, new te2(td2.P, sc2.a(createCipher.getParameters().getEncoded())))), createCipher.doFinal(mc2Var.getEncoded()));
        } catch (InvalidKeyException e) {
            throw new IOException(e.toString());
        } catch (NoSuchProviderException e2) {
            throw new IOException(e2.toString());
        } catch (BadPaddingException e3) {
            throw new IOException(e3.toString());
        } catch (IllegalBlockSizeException e4) {
            throw new IOException(e4.toString());
        } catch (NoSuchPaddingException e5) {
            throw new NoSuchAlgorithmException(e5.toString());
        }
    }

    public static String getPublicKeyAlg(o92 o92Var) {
        String str = publicAlgMap.get(o92Var);
        return str != null ? str : o92Var.j();
    }

    private boolean isSimilarHmacPbkd(nw2 nw2Var, ue2 ue2Var) {
        if (!nw2Var.a().b(ue2Var.e())) {
            return false;
        }
        if (nd2.y.b(ue2Var.e())) {
            if (!(nw2Var instanceof sw2)) {
                return false;
            }
            sw2 sw2Var = (sw2) nw2Var;
            qd2 a = qd2.a(ue2Var.f());
            return sw2Var.e() == a.i().length && sw2Var.b() == a.e().intValue() && sw2Var.c() == a.f().intValue() && sw2Var.d() == a.h().intValue();
        }
        if (!(nw2Var instanceof mw2)) {
            return false;
        }
        mw2 mw2Var = (mw2) nw2Var;
        ye2 a2 = ye2.a(ue2Var.f());
        return mw2Var.d() == a2.h().length && mw2Var.b() == a2.e().intValue();
    }

    private void verifyMac(byte[] bArr, oc2 oc2Var, char[] cArr) throws NoSuchAlgorithmException, IOException, NoSuchProviderException {
        if (!ka3.d(calculateMac(bArr, oc2Var.f(), oc2Var.g(), cArr), oc2Var.e())) {
            throw new IOException("BCFKS KeyStore corrupted: MAC calculation failed");
        }
    }

    private void verifySig(f92 f92Var, qc2 qc2Var, PublicKey publicKey) throws GeneralSecurityException, IOException {
        Signature createSignature = this.helper.createSignature(qc2Var.g().e().j());
        createSignature.initVerify(publicKey);
        createSignature.update(f92Var.b().a("DER"));
        if (!createSignature.verify(qc2Var.f().j())) {
            throw new IOException("BCFKS KeyStore corrupted: signature calculation failed");
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        final Iterator it = new HashSet(this.entries.keySet()).iterator();
        return new Enumeration() { // from class: org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.1
            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                return it.hasNext();
            }

            @Override // java.util.Enumeration
            public Object nextElement() {
                return it.next();
            }
        };
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str != null) {
            return this.entries.containsKey(str);
        }
        throw new NullPointerException("alias value is null");
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (this.entries.get(str) == null) {
            return;
        }
        this.privateKeyCache.remove(str);
        this.entries.remove(str);
        this.lastModifiedDate = new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        jc2 jc2Var = this.entries.get(str);
        if (jc2Var == null) {
            return null;
        }
        if (jc2Var.i().equals(PRIVATE_KEY) || jc2Var.i().equals(PROTECTED_PRIVATE_KEY)) {
            return decodeCertificate(hc2.a(jc2Var.f()).e()[0]);
        }
        if (jc2Var.i().equals(CERTIFICATE)) {
            return decodeCertificate(jc2Var.f());
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            byte[] encoded = certificate.getEncoded();
            for (String str : this.entries.keySet()) {
                jc2 jc2Var = this.entries.get(str);
                if (jc2Var.i().equals(CERTIFICATE)) {
                    if (ka3.a(jc2Var.f(), encoded)) {
                        return str;
                    }
                } else if (jc2Var.i().equals(PRIVATE_KEY) || jc2Var.i().equals(PROTECTED_PRIVATE_KEY)) {
                    try {
                        if (ka3.a(hc2.a(jc2Var.f()).e()[0].b().getEncoded(), encoded)) {
                            return str;
                        }
                    } catch (IOException unused) {
                    }
                }
            }
        } catch (CertificateEncodingException unused2) {
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        jc2 jc2Var = this.entries.get(str);
        if (jc2Var == null) {
            return null;
        }
        if (!jc2Var.i().equals(PRIVATE_KEY) && !jc2Var.i().equals(PROTECTED_PRIVATE_KEY)) {
            return null;
        }
        wg2[] e = hc2.a(jc2Var.f()).e();
        int length = e.length;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i = 0; i != length; i++) {
            x509CertificateArr[i] = decodeCertificate(e[i]);
        }
        return x509CertificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        jc2 jc2Var = this.entries.get(str);
        if (jc2Var == null) {
            return null;
        }
        try {
            return jc2Var.h().j();
        } catch (ParseException unused) {
            return new Date();
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        jc2 jc2Var = this.entries.get(str);
        if (jc2Var == null) {
            return null;
        }
        if (jc2Var.i().equals(PRIVATE_KEY) || jc2Var.i().equals(PROTECTED_PRIVATE_KEY)) {
            PrivateKey privateKey = this.privateKeyCache.get(str);
            if (privateKey != null) {
                return privateKey;
            }
            se2 a = se2.a(hc2.a(jc2Var.f()).f());
            try {
                cf2 a2 = cf2.a(decryptData("PRIVATE_KEY_ENCRYPTION", a.f(), cArr, a.e()));
                PrivateKey generatePrivate = this.helper.h(getPublicKeyAlg(a2.g().e())).generatePrivate(new PKCS8EncodedKeySpec(a2.getEncoded()));
                this.privateKeyCache.put(str, generatePrivate);
                return generatePrivate;
            } catch (Exception e) {
                throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover private key (" + str + "): " + e.getMessage());
            }
        }
        if (!jc2Var.i().equals(SECRET_KEY) && !jc2Var.i().equals(PROTECTED_SECRET_KEY)) {
            throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + str + "): type not recognized");
        }
        ic2 a3 = ic2.a(jc2Var.f());
        try {
            pc2 a4 = pc2.a(decryptData("SECRET_KEY_ENCRYPTION", a3.f(), cArr, a3.e()));
            return this.helper.g(a4.e().j()).generateSecret(new SecretKeySpec(a4.f(), a4.e().j()));
        } catch (Exception e2) {
            throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + str + "): " + e2.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        jc2 jc2Var = this.entries.get(str);
        if (jc2Var != null) {
            return jc2Var.i().equals(CERTIFICATE);
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        jc2 jc2Var = this.entries.get(str);
        if (jc2Var == null) {
            return false;
        }
        BigInteger i = jc2Var.i();
        return i.equals(PRIVATE_KEY) || i.equals(SECRET_KEY) || i.equals(PROTECTED_PRIVATE_KEY) || i.equals(PROTECTED_SECRET_KEY);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        kg2 g;
        f92 f;
        PublicKey publicKey;
        mc2 a;
        this.entries.clear();
        this.privateKeyCache.clear();
        this.creationDate = null;
        this.lastModifiedDate = null;
        this.hmacAlgorithm = null;
        if (inputStream == null) {
            Date date = new Date();
            this.creationDate = date;
            this.lastModifiedDate = date;
            this.verificationKey = null;
            this.validator = null;
            this.hmacAlgorithm = new kg2(af2.L0, wa2.a);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(af2.y0, 64);
            return;
        }
        try {
            lc2 a2 = lc2.a(new k92(inputStream).readObject());
            nc2 e = a2.e();
            if (e.f() == 0) {
                oc2 a3 = oc2.a(e.e());
                this.hmacAlgorithm = a3.f();
                this.hmacPkbdAlgorithm = a3.g();
                g = this.hmacAlgorithm;
                try {
                    verifyMac(a2.f().b().getEncoded(), a3, cArr);
                } catch (NoSuchProviderException e2) {
                    throw new IOException(e2.getMessage());
                }
            } else {
                if (e.f() != 1) {
                    throw new IOException("BCFKS KeyStore unable to recognize integrity check.");
                }
                qc2 a4 = qc2.a(e.e());
                g = a4.g();
                try {
                    wg2[] e3 = a4.e();
                    if (this.validator == null) {
                        f = a2.f();
                        publicKey = this.verificationKey;
                    } else {
                        if (e3 == null) {
                            throw new IOException("validator specified but no certifcates in store");
                        }
                        CertificateFactory e4 = this.helper.e("X.509");
                        int length = e3.length;
                        X509Certificate[] x509CertificateArr = new X509Certificate[length];
                        for (int i = 0; i != length; i++) {
                            x509CertificateArr[i] = (X509Certificate) e4.generateCertificate(new ByteArrayInputStream(e3[i].getEncoded()));
                        }
                        if (!this.validator.a(x509CertificateArr)) {
                            throw new IOException("certificate chain in key store signature not valid");
                        }
                        f = a2.f();
                        publicKey = x509CertificateArr[0].getPublicKey();
                    }
                    verifySig(f, a4, publicKey);
                } catch (GeneralSecurityException e5) {
                    throw new IOException("error verifying signature: " + e5.getMessage(), e5);
                }
            }
            f92 f2 = a2.f();
            if (f2 instanceof gc2) {
                gc2 gc2Var = (gc2) f2;
                a = mc2.a(decryptData("STORE_ENCRYPTION", gc2Var.f(), cArr, gc2Var.e().i()));
            } else {
                a = mc2.a(f2);
            }
            try {
                this.creationDate = a.e().j();
                this.lastModifiedDate = a.g().j();
                if (!a.f().equals(g)) {
                    throw new IOException("BCFKS KeyStore storeData integrity algorithm does not match store integrity algorithm.");
                }
                Iterator<f92> it = a.h().iterator();
                while (it.hasNext()) {
                    jc2 a5 = jc2.a(it.next());
                    this.entries.put(a5.g(), a5);
                }
            } catch (ParseException unused) {
                throw new IOException("BCFKS KeyStore unable to parse store data information.");
            }
        } catch (Exception e6) {
            throw new IOException(e6.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'parameter' arg cannot be null");
        }
        if (!(loadStoreParameter instanceof BCFKSLoadStoreParameter)) {
            if (loadStoreParameter instanceof yw2) {
                engineLoad(((yw2) loadStoreParameter).a(), extractPassword(loadStoreParameter));
                return;
            }
            throw new IllegalArgumentException("no support for 'parameter' of type " + loadStoreParameter.getClass().getName());
        }
        BCFKSLoadStoreParameter bCFKSLoadStoreParameter = (BCFKSLoadStoreParameter) loadStoreParameter;
        char[] extractPassword = extractPassword(bCFKSLoadStoreParameter);
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(bCFKSLoadStoreParameter.g(), 64);
        this.storeEncryptionAlgorithm = bCFKSLoadStoreParameter.e() == BCFKSLoadStoreParameter.EncryptionAlgorithm.AES256_CCM ? td2.P : td2.Q;
        this.hmacAlgorithm = bCFKSLoadStoreParameter.f() == BCFKSLoadStoreParameter.MacAlgorithm.HmacSHA512 ? new kg2(af2.L0, wa2.a) : new kg2(td2.r, wa2.a);
        this.verificationKey = (PublicKey) bCFKSLoadStoreParameter.i();
        this.validator = bCFKSLoadStoreParameter.c();
        this.signatureAlgorithm = generateSignatureAlgId(this.verificationKey, bCFKSLoadStoreParameter.h());
        o92 o92Var = this.storeEncryptionAlgorithm;
        InputStream a = bCFKSLoadStoreParameter.a();
        engineLoad(a, extractPassword);
        if (a != null) {
            if (!isSimilarHmacPbkd(bCFKSLoadStoreParameter.g(), this.hmacPkbdAlgorithm) || !o92Var.b(this.storeEncryptionAlgorithm)) {
                throw new IOException("configuration parameters do not match existing store");
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        Date date;
        jc2 jc2Var = this.entries.get(str);
        Date date2 = new Date();
        if (jc2Var == null) {
            date = date2;
        } else {
            if (!jc2Var.i().equals(CERTIFICATE)) {
                throw new KeyStoreException("BCFKS KeyStore already has a key entry with alias " + str);
            }
            date = extractCreationDate(jc2Var, date2);
        }
        try {
            this.entries.put(str, new jc2(CERTIFICATE, str, date, date2, certificate.getEncoded(), null));
            this.lastModifiedDate = date2;
        } catch (CertificateEncodingException e) {
            throw new ExtKeyStoreException("BCFKS KeyStore unable to handle certificate: " + e.getMessage(), e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        pc2 pc2Var;
        ic2 ic2Var;
        se2 se2Var;
        Date date = new Date();
        jc2 jc2Var = this.entries.get(str);
        Date extractCreationDate = jc2Var != null ? extractCreationDate(jc2Var, date) : date;
        this.privateKeyCache.remove(str);
        if (key instanceof PrivateKey) {
            if (certificateArr == null) {
                throw new KeyStoreException("BCFKS KeyStore requires a certificate chain for private key storage.");
            }
            try {
                byte[] encoded = key.getEncoded();
                ue2 generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(af2.y0, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "PRIVATE_KEY_ENCRYPTION", cArr, 32);
                if (this.storeEncryptionAlgorithm.b(td2.P)) {
                    Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
                    se2Var = new se2(new kg2(af2.x0, new xe2(generatePkbdAlgorithmIdentifier, new te2(td2.P, sc2.a(createCipher.getParameters().getEncoded())))), createCipher.doFinal(encoded));
                } else {
                    se2Var = new se2(new kg2(af2.x0, new xe2(generatePkbdAlgorithmIdentifier, new te2(td2.Q))), createCipher("AESKWP", generateKey).doFinal(encoded));
                }
                this.entries.put(str, new jc2(PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(se2Var, certificateArr).getEncoded(), null));
            } catch (Exception e) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e.toString(), e);
            }
        } else {
            if (!(key instanceof SecretKey)) {
                throw new KeyStoreException("BCFKS KeyStore unable to recognize key.");
            }
            if (certificateArr != null) {
                throw new KeyStoreException("BCFKS KeyStore cannot store certificate chain with secret key.");
            }
            try {
                byte[] encoded2 = key.getEncoded();
                ue2 generatePkbdAlgorithmIdentifier2 = generatePkbdAlgorithmIdentifier(af2.y0, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey2 = generateKey(generatePkbdAlgorithmIdentifier2, "SECRET_KEY_ENCRYPTION", cArr, 32);
                String d = ya3.d(key.getAlgorithm());
                if (d.indexOf(RSAUtils.ENCRYPTION_PATTERN_AES) > -1) {
                    pc2Var = new pc2(td2.s, encoded2);
                } else {
                    o92 o92Var = oidMap.get(d);
                    if (o92Var != null) {
                        pc2Var = new pc2(o92Var, encoded2);
                    } else {
                        o92 o92Var2 = oidMap.get(d + "." + (encoded2.length * 8));
                        if (o92Var2 == null) {
                            throw new KeyStoreException("BCFKS KeyStore cannot recognize secret key (" + d + ") for storage.");
                        }
                        pc2Var = new pc2(o92Var2, encoded2);
                    }
                }
                if (this.storeEncryptionAlgorithm.b(td2.P)) {
                    Cipher createCipher2 = createCipher("AES/CCM/NoPadding", generateKey2);
                    ic2Var = new ic2(new kg2(af2.x0, new xe2(generatePkbdAlgorithmIdentifier2, new te2(td2.P, sc2.a(createCipher2.getParameters().getEncoded())))), createCipher2.doFinal(pc2Var.getEncoded()));
                } else {
                    ic2Var = new ic2(new kg2(af2.x0, new xe2(generatePkbdAlgorithmIdentifier2, new te2(td2.Q))), createCipher("AESKWP", generateKey2).doFinal(pc2Var.getEncoded()));
                }
                this.entries.put(str, new jc2(SECRET_KEY, str, extractCreationDate, date, ic2Var.getEncoded(), null));
            } catch (Exception e2) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e2.toString(), e2);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        Date date = new Date();
        jc2 jc2Var = this.entries.get(str);
        Date extractCreationDate = jc2Var != null ? extractCreationDate(jc2Var, date) : date;
        if (certificateArr != null) {
            try {
                se2 a = se2.a(bArr);
                try {
                    this.privateKeyCache.remove(str);
                    this.entries.put(str, new jc2(PROTECTED_PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(a, certificateArr).getEncoded(), null));
                } catch (Exception e) {
                    throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e.toString(), e);
                }
            } catch (Exception e2) {
                throw new ExtKeyStoreException("BCFKS KeyStore private key encoding must be an EncryptedPrivateKeyInfo.", e2);
            }
        } else {
            try {
                this.entries.put(str, new jc2(PROTECTED_SECRET_KEY, str, extractCreationDate, date, bArr, null));
            } catch (Exception e3) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e3.toString(), e3);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.entries.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        ue2 ue2Var;
        BigInteger f;
        if (this.creationDate == null) {
            throw new IOException("KeyStore not initialized");
        }
        gc2 encryptedObjectStoreData = getEncryptedObjectStoreData(this.hmacAlgorithm, cArr);
        if (nd2.y.b(this.hmacPkbdAlgorithm.e())) {
            qd2 a = qd2.a(this.hmacPkbdAlgorithm.f());
            ue2Var = this.hmacPkbdAlgorithm;
            f = a.g();
        } else {
            ye2 a2 = ye2.a(this.hmacPkbdAlgorithm.f());
            ue2Var = this.hmacPkbdAlgorithm;
            f = a2.f();
        }
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(ue2Var, f.intValue());
        try {
            outputStream.write(new lc2(encryptedObjectStoreData, new nc2(new oc2(this.hmacAlgorithm, this.hmacPkbdAlgorithm, calculateMac(encryptedObjectStoreData.getEncoded(), this.hmacAlgorithm, this.hmacPkbdAlgorithm, cArr)))).getEncoded());
            outputStream.flush();
        } catch (NoSuchProviderException e) {
            throw new IOException("cannot calculate mac: " + e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
        qc2 qc2Var;
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'parameter' arg cannot be null");
        }
        if (loadStoreParameter instanceof xw2) {
            xw2 xw2Var = (xw2) loadStoreParameter;
            char[] extractPassword = extractPassword(loadStoreParameter);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(xw2Var.b(), 64);
            engineStore(xw2Var.a(), extractPassword);
            return;
        }
        if (!(loadStoreParameter instanceof BCFKSLoadStoreParameter)) {
            if (loadStoreParameter instanceof yw2) {
                engineStore(((yw2) loadStoreParameter).b(), extractPassword(loadStoreParameter));
                return;
            }
            throw new IllegalArgumentException("no support for 'parameter' of type " + loadStoreParameter.getClass().getName());
        }
        BCFKSLoadStoreParameter bCFKSLoadStoreParameter = (BCFKSLoadStoreParameter) loadStoreParameter;
        if (bCFKSLoadStoreParameter.i() == null) {
            char[] extractPassword2 = extractPassword(bCFKSLoadStoreParameter);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(bCFKSLoadStoreParameter.g(), 64);
            this.storeEncryptionAlgorithm = bCFKSLoadStoreParameter.e() == BCFKSLoadStoreParameter.EncryptionAlgorithm.AES256_CCM ? td2.P : td2.Q;
            this.hmacAlgorithm = bCFKSLoadStoreParameter.f() == BCFKSLoadStoreParameter.MacAlgorithm.HmacSHA512 ? new kg2(af2.L0, wa2.a) : new kg2(td2.r, wa2.a);
            engineStore(bCFKSLoadStoreParameter.b(), extractPassword2);
            return;
        }
        this.signatureAlgorithm = generateSignatureAlgId(bCFKSLoadStoreParameter.i(), bCFKSLoadStoreParameter.h());
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(bCFKSLoadStoreParameter.g(), 64);
        this.storeEncryptionAlgorithm = bCFKSLoadStoreParameter.e() == BCFKSLoadStoreParameter.EncryptionAlgorithm.AES256_CCM ? td2.P : td2.Q;
        this.hmacAlgorithm = bCFKSLoadStoreParameter.f() == BCFKSLoadStoreParameter.MacAlgorithm.HmacSHA512 ? new kg2(af2.L0, wa2.a) : new kg2(td2.r, wa2.a);
        gc2 encryptedObjectStoreData = getEncryptedObjectStoreData(this.signatureAlgorithm, extractPassword(bCFKSLoadStoreParameter));
        try {
            Signature createSignature = this.helper.createSignature(this.signatureAlgorithm.e().j());
            createSignature.initSign((PrivateKey) bCFKSLoadStoreParameter.i());
            createSignature.update(encryptedObjectStoreData.getEncoded());
            X509Certificate[] d = bCFKSLoadStoreParameter.d();
            if (d != null) {
                int length = d.length;
                wg2[] wg2VarArr = new wg2[length];
                for (int i = 0; i != length; i++) {
                    wg2VarArr[i] = wg2.a(d[i].getEncoded());
                }
                qc2Var = new qc2(this.signatureAlgorithm, wg2VarArr, createSignature.sign());
            } else {
                qc2Var = new qc2(this.signatureAlgorithm, createSignature.sign());
            }
            bCFKSLoadStoreParameter.b().write(new lc2(encryptedObjectStoreData, new nc2(qc2Var)).getEncoded());
            bCFKSLoadStoreParameter.b().flush();
        } catch (GeneralSecurityException e) {
            throw new IOException("error creating signature: " + e.getMessage(), e);
        }
    }
}
