package org.bouncycastle.jcajce.provider.keystore.pkcs12;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import o.AD;
import o.AbstractC4146l;
import o.C0579Bd0;
import o.C0711De;
import o.C0714Df;
import o.C0838Fd;
import o.C1046If;
import o.C1197Km;
import o.C1557Qa0;
import o.C1791Tn0;
import o.C2696co1;
import o.C2870do1;
import o.C3172fO0;
import o.C3219fi;
import o.C3716iY;
import o.C3730id0;
import o.C3889jY;
import o.C4459mn1;
import o.C4571nP;
import o.C4720oG;
import o.C5068qG;
import o.C5093qP;
import o.C5366s;
import o.C5534sy;
import o.C6191wg;
import o.C6264x4;
import o.C6325xP;
import o.C6434y21;
import o.C6539yg;
import o.C6707ze;
import o.CB0;
import o.EB;
import o.G;
import o.H;
import o.HE0;
import o.InterfaceC1409Nr0;
import o.InterfaceC1744Sw0;
import o.InterfaceC2077Ya0;
import o.InterfaceC4545nG;
import o.InterfaceC5606tL1;
import o.InterfaceC6414xw0;
import o.JE0;
import o.KE0;
import o.L;
import o.LA;
import o.MB;
import o.Np1;
import o.O;
import o.OB;
import o.P;
import o.PC0;
import o.PE0;
import o.PM;
import o.QO0;
import o.RA;
import o.RE0;
import o.SB;
import o.SE0;
import o.SX;
import o.TB;
import o.U80;
import o.UE0;
import o.VM;
import o.W10;
import o.WE0;
import o.XJ0;
import o.XM;
import o.r;
import org.bouncycastle.jcajce.provider.keystore.util.AdaptingKeyStoreSpi;
import org.bouncycastle.jcajce.provider.keystore.util.ParameterUtil;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: classes2.dex */
public class PKCS12KeyStoreSpi extends KeyStoreSpi implements WE0, InterfaceC5606tL1 {
    static final int CERTIFICATE = 1;
    static final int KEY = 2;
    static final int KEY_PRIVATE = 0;
    static final int KEY_PUBLIC = 1;
    static final int KEY_SECRET = 2;
    private static final int MIN_ITERATIONS = 51200;
    static final int NULL = 0;
    static final String PKCS12_MAX_IT_COUNT_PROPERTY = "org.bouncycastle.pkcs12.max_it_count";
    private static final int SALT_SIZE = 20;
    static final int SEALED = 4;
    static final int SECRET = 3;
    private static final DefaultSecretKeyProvider keySizeProvider = new DefaultSecretKeyProvider();
    private G certAlgorithm;
    private CertificateFactory certFact;
    private IgnoresCaseHashtable certs;
    private G keyAlgorithm;
    private IgnoresCaseHashtable keys;
    private IgnoresCaseHashtable localIds;
    private final InterfaceC2077Ya0 helper = new C0714Df();
    private Hashtable chainCerts = new Hashtable();
    private Hashtable keyCerts = new Hashtable();
    protected SecureRandom random = RA.d();
    private C6264x4 macAlgorithm = new C6264x4(CB0.i, MB.Y);
    private int itCount = 102400;
    private int saltLength = 20;

    /* loaded from: classes2.dex */
    public static class BCPKCS12KeyStore extends AdaptingKeyStoreSpi {
        public BCPKCS12KeyStore() {
            super(new C0714Df(), new PKCS12KeyStoreSpi(new C0714Df(), WE0.l2, WE0.o2));
        }
    }

    /* loaded from: classes2.dex */
    public static class BCPKCS12KeyStore3DES extends AdaptingKeyStoreSpi {
        /* JADX WARN: Illegal instructions before constructor call */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public BCPKCS12KeyStore3DES() {
            /*
                r4 = this;
                o.Df r0 = new o.Df
                r0.<init>()
                org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi r1 = new org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi
                o.Df r2 = new o.Df
                r2.<init>()
                o.G r3 = o.WE0.l2
                r1.<init>(r2, r3, r3)
                r4.<init>(r0, r1)
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.BCPKCS12KeyStore3DES.<init>():void");
        }
    }

    /* loaded from: classes2.dex */
    public static class BCPKCS12KeyStoreAES256 extends AdaptingKeyStoreSpi {
        public BCPKCS12KeyStoreAES256() {
            super(new C0714Df(), new PKCS12KeyStoreSpi(new C0714Df(), InterfaceC6414xw0.S, InterfaceC6414xw0.A));
        }
    }

    /* loaded from: classes2.dex */
    public static class BCPKCS12KeyStoreAES256GCM extends AdaptingKeyStoreSpi {
        public BCPKCS12KeyStoreAES256GCM() {
            super(new C0714Df(), new PKCS12KeyStoreSpi(new C0714Df(), InterfaceC6414xw0.W, InterfaceC6414xw0.E));
        }
    }

    /* loaded from: classes2.dex */
    public class CertId {
        byte[] id;

        public CertId(PublicKey publicKey) {
            this.id = PKCS12KeyStoreSpi.this.createSubjectKeyId(publicKey).k();
        }

        public CertId(byte[] bArr) {
            this.id = bArr;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (obj instanceof CertId) {
                return C0838Fd.c(this.id, ((CertId) obj).id);
            }
            return false;
        }

        public int hashCode() {
            return C0838Fd.w(this.id);
        }
    }

    /* loaded from: classes2.dex */
    public static class DefPKCS12KeyStore extends AdaptingKeyStoreSpi {
        public DefPKCS12KeyStore() {
            super(new AD(), new PKCS12KeyStoreSpi(new AD(), WE0.l2, WE0.o2));
        }
    }

    /* loaded from: classes2.dex */
    public static class DefPKCS12KeyStore3DES extends AdaptingKeyStoreSpi {
        /* JADX WARN: Illegal instructions before constructor call */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public DefPKCS12KeyStore3DES() {
            /*
                r4 = this;
                o.AD r0 = new o.AD
                r0.<init>()
                org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi r1 = new org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi
                o.AD r2 = new o.AD
                r2.<init>()
                o.G r3 = o.WE0.l2
                r1.<init>(r2, r3, r3)
                r4.<init>(r0, r1)
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.DefPKCS12KeyStore3DES.<init>():void");
        }
    }

    /* loaded from: classes2.dex */
    public static class DefPKCS12KeyStoreAES256 extends AdaptingKeyStoreSpi {
        public DefPKCS12KeyStoreAES256() {
            super(new C0714Df(), new PKCS12KeyStoreSpi(new C0714Df(), InterfaceC6414xw0.S, InterfaceC6414xw0.A));
        }
    }

    /* loaded from: classes2.dex */
    public static class DefPKCS12KeyStoreAES256GCM extends AdaptingKeyStoreSpi {
        public DefPKCS12KeyStoreAES256GCM() {
            super(new C0714Df(), new PKCS12KeyStoreSpi(new C0714Df(), InterfaceC6414xw0.W, InterfaceC6414xw0.E));
        }
    }

    /* loaded from: classes2.dex */
    public static class DefaultSecretKeyProvider {
        private final Map KEY_SIZES;

        public DefaultSecretKeyProvider() {
            HashMap hashMap = new HashMap();
            hashMap.put(new G("1.2.840.113533.7.66.10"), U80.d(128));
            hashMap.put(WE0.R, U80.d(192));
            hashMap.put(InterfaceC6414xw0.A, U80.d(128));
            hashMap.put(InterfaceC6414xw0.J, U80.d(192));
            hashMap.put(InterfaceC6414xw0.S, U80.d(256));
            hashMap.put(InterfaceC6414xw0.E, U80.d(128));
            hashMap.put(InterfaceC6414xw0.W, U80.d(256));
            hashMap.put(InterfaceC1744Sw0.a, U80.d(128));
            hashMap.put(InterfaceC1744Sw0.b, U80.d(192));
            hashMap.put(InterfaceC1744Sw0.c, U80.d(256));
            hashMap.put(LA.f, U80.d(256));
            this.KEY_SIZES = Collections.unmodifiableMap(hashMap);
        }

        public int getKeySize(C6264x4 c6264x4) {
            Integer num = (Integer) this.KEY_SIZES.get(c6264x4.k());
            if (num != null) {
                return num.intValue();
            }
            return -1;
        }
    }

    /* loaded from: classes2.dex */
    public static class IgnoresCaseHashtable {
        private Hashtable keys;
        private Hashtable orig;

        private IgnoresCaseHashtable() {
            this.orig = new Hashtable();
            this.keys = new Hashtable();
        }

        public Enumeration elements() {
            return this.orig.elements();
        }

        public Object get(String str) {
            String str2 = (String) this.keys.get(str == null ? null : C4459mn1.g(str));
            if (str2 == null) {
                return null;
            }
            return this.orig.get(str2);
        }

        public Enumeration keys() {
            return new Hashtable(this.orig).keys();
        }

        public void put(String str, Object obj) {
            String g = str == null ? null : C4459mn1.g(str);
            String str2 = (String) this.keys.get(g);
            if (str2 != null) {
                this.orig.remove(str2);
            }
            this.keys.put(g, str);
            this.orig.put(str, obj);
        }

        public Object remove(String str) {
            String str2 = (String) this.keys.remove(str == null ? null : C4459mn1.g(str));
            if (str2 == null) {
                return null;
            }
            return this.orig.remove(str2);
        }

        public int size() {
            return this.orig.size();
        }
    }

    public PKCS12KeyStoreSpi(InterfaceC2077Ya0 interfaceC2077Ya0, G g, G g2) {
        this.keys = new IgnoresCaseHashtable();
        this.localIds = new IgnoresCaseHashtable();
        this.certs = new IgnoresCaseHashtable();
        this.keyAlgorithm = g;
        this.certAlgorithm = g2;
        try {
            this.certFact = interfaceC2077Ya0.f("X.509");
        } catch (Exception e) {
            throw new IllegalArgumentException("can't create cert factory - " + e.toString());
        }
    }

    private byte[] calculatePbeMac(G g, byte[] bArr, int i, char[] cArr, boolean z, byte[] bArr2) {
        PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i);
        Mac e = this.helper.e(g.z());
        e.init(new RE0(cArr, z), pBEParameterSpec);
        e.update(bArr2);
        return e.doFinal();
    }

    private Cipher createCipher(int i, char[] cArr, C6264x4 c6264x4) {
        AlgorithmParameterSpec c3716iY;
        HE0 l = HE0.l(c6264x4.n());
        KE0 k = KE0.k(l.m().m());
        C6264x4 l2 = C6264x4.l(l.k());
        SecretKey generateSecret = this.helper.h(l.m().k().z()).generateSecret(k.p() ? new PBEKeySpec(cArr, k.o(), validateIterationCount(k.l()), keySizeProvider.getKeySize(l2)) : new JE0(cArr, k.o(), validateIterationCount(k.l()), keySizeProvider.getKeySize(l2), k.n()));
        Cipher d = this.helper.d(l.k().k().z());
        r m = l.k().m();
        if (m instanceof H) {
            c3716iY = new IvParameterSpec(H.v(m).x());
        } else {
            O w = O.w(m);
            if (!(w.y(1) instanceof G)) {
                AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(l2.k().z(), BouncyCastleProvider.PROVIDER_NAME);
                try {
                    algorithmParameters.init(w.getEncoded());
                    d.init(i, generateSecret, algorithmParameters);
                    return d;
                } catch (IOException e) {
                    throw new InvalidKeySpecException(e.getMessage());
                }
            }
            C3889jY m2 = C3889jY.m(m);
            c3716iY = new C3716iY(m2.k(), m2.l());
        }
        d.init(i, generateSecret, c3716iY);
        return d;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private C6434y21 createSafeBag(String str, Certificate certificate, boolean z) {
        SB sb;
        C1197Km c1197Km = new C1197Km(WE0.H0, new OB(certificate.getEncoded()));
        C5366s c5366s = new C5366s();
        boolean z2 = false;
        if (certificate instanceof PE0) {
            PE0 pe0 = (PE0) certificate;
            G g = WE0.D0;
            AbstractC4146l abstractC4146l = (AbstractC4146l) pe0.d(g);
            if (z && ((abstractC4146l == null || !abstractC4146l.e().equals(str)) && str != null)) {
                pe0.f(g, new EB(str));
            }
            Enumeration c = pe0.c();
            while (c.hasMoreElements()) {
                G g2 = (G) c.nextElement();
                if (!g2.q(WE0.E0) && !g2.q(InterfaceC1409Nr0.R)) {
                    C5366s c5366s2 = new C5366s();
                    c5366s2.a(g2);
                    c5366s2.a(new TB(pe0.d(g2)));
                    c5366s.a(new SB(c5366s2));
                    z2 = true;
                }
            }
        }
        if (!z2) {
            C5366s c5366s3 = new C5366s();
            c5366s3.a(WE0.D0);
            c5366s3.a(new TB(new EB(str)));
            c5366s.a(new SB(c5366s3));
        }
        if (certificate instanceof X509Certificate) {
            C6325xP l = Np1.m(((X509Certificate) certificate).getTBSCertificate()).l();
            if (l != null) {
                C5093qP k = l.k(C5093qP.C4);
                if (k != null) {
                    C5366s c5366s4 = new C5366s();
                    c5366s4.a(InterfaceC1409Nr0.R);
                    c5366s4.a(new TB(C4571nP.k(k.o()).l()));
                    c5366s.a(new SB(c5366s4));
                } else {
                    C5366s c5366s5 = new C5366s();
                    c5366s5.a(InterfaceC1409Nr0.R);
                    c5366s5.a(new TB(C0579Bd0.Z));
                    sb = new SB(c5366s5);
                }
            } else {
                C5366s c5366s6 = new C5366s();
                c5366s6.a(InterfaceC1409Nr0.R);
                c5366s6.a(new TB(C0579Bd0.Z));
                sb = new SB(c5366s6);
            }
            c5366s.a(sb);
        }
        return new C6434y21(WE0.e2, c1197Km.c(), new TB(c5366s));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public C2696co1 createSubjectKeyId(PublicKey publicKey) {
        try {
            return new C2696co1(getDigest(C2870do1.l(publicKey.getEncoded())));
        } catch (Exception unused) {
            throw new RuntimeException("error creating key");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void doStore(OutputStream outputStream, char[] cArr, boolean z, boolean z2) {
        C6264x4 c6264x4;
        C1791Tn0 c1791Tn0;
        boolean z3;
        Enumeration enumeration;
        String str;
        C6264x4 c6264x42;
        byte[] bArr;
        boolean z4;
        if (!z2) {
            syncFriendlyName();
        }
        String str2 = "BER";
        if (this.keys.size() == 0) {
            if (cArr == null) {
                Enumeration keys = this.certs.keys();
                C5366s c5366s = new C5366s();
                while (keys.hasMoreElements()) {
                    try {
                        String str3 = (String) keys.nextElement();
                        c5366s.a(createSafeBag(str3, (Certificate) this.certs.get(str3), z2));
                    } catch (CertificateEncodingException e) {
                        throw new IOException("Error encoding certificate: " + e.toString());
                    }
                }
                G g = WE0.j0;
                if (z) {
                    new XJ0(new C5534sy(g, new OB(new SB(new C5534sy(g, new OB(new SB(c5366s).getEncoded()))).getEncoded())), null).i(outputStream, "DER");
                    return;
                } else {
                    new XJ0(new C5534sy(g, new C6191wg(new C6539yg(new C5534sy(g, new C6191wg(new C6539yg(c5366s).getEncoded()))).getEncoded())), null).i(outputStream, "BER");
                    return;
                }
            }
        } else if (cArr == null) {
            throw new NullPointerException("no password supplied for PKCS#12 KeyStore");
        }
        C5366s c5366s2 = new C5366s();
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            byte[] bArr2 = new byte[20];
            this.random.nextBytes(bArr2);
            String str4 = (String) keys2.nextElement();
            PrivateKey privateKey = (PrivateKey) this.keys.get(str4);
            if (isPBKDF2(this.keyAlgorithm)) {
                enumeration = keys2;
                KE0 ke0 = new KE0(bArr2, MIN_ITERATIONS, getKeyLength(this.keyAlgorithm), new C6264x4(WE0.d0, MB.Y));
                G g2 = this.keyAlgorithm;
                XM xm = new XM(g2, getAlgParams(g2));
                str = str2;
                c6264x42 = new C6264x4(WE0.O, new HE0(new C3730id0(WE0.N, ke0), xm));
                bArr = wrapKey(xm, privateKey, ke0, cArr);
            } else {
                enumeration = keys2;
                str = str2;
                SE0 se0 = new SE0(bArr2, MIN_ITERATIONS);
                byte[] wrapKey = wrapKey(this.keyAlgorithm.z(), privateKey, se0, cArr);
                c6264x42 = new C6264x4(this.keyAlgorithm, se0.c());
                bArr = wrapKey;
            }
            VM vm = new VM(c6264x42, bArr);
            C5366s c5366s3 = new C5366s();
            if (privateKey instanceof PE0) {
                PE0 pe0 = (PE0) privateKey;
                G g3 = WE0.D0;
                AbstractC4146l abstractC4146l = (AbstractC4146l) pe0.d(g3);
                if (z2 && (abstractC4146l == null || !abstractC4146l.e().equals(str4))) {
                    pe0.f(g3, new EB(str4));
                }
                G g4 = WE0.E0;
                if (pe0.d(g4) == null) {
                    pe0.f(g4, createSubjectKeyId(engineGetCertificate(str4).getPublicKey()));
                }
                Enumeration c = pe0.c();
                z4 = false;
                while (c.hasMoreElements()) {
                    G g5 = (G) c.nextElement();
                    C5366s c5366s4 = new C5366s();
                    c5366s4.a(g5);
                    c5366s4.a(new TB(pe0.d(g5)));
                    c5366s3.a(new SB(c5366s4));
                    z4 = true;
                }
            } else {
                z4 = false;
            }
            if (!z4) {
                C5366s c5366s5 = new C5366s();
                Certificate engineGetCertificate = engineGetCertificate(str4);
                c5366s5.a(WE0.E0);
                c5366s5.a(new TB(createSubjectKeyId(engineGetCertificate.getPublicKey())));
                c5366s3.a(new SB(c5366s5));
                C5366s c5366s6 = new C5366s();
                c5366s6.a(WE0.D0);
                c5366s6.a(new TB(new EB(str4)));
                c5366s3.a(new SB(c5366s6));
            }
            c5366s2.a(new C6434y21(WE0.d2, vm.c(), new TB(c5366s3)));
            keys2 = enumeration;
            str2 = str;
        }
        String str5 = str2;
        C6191wg c6191wg = new C6191wg(new SB(c5366s2).j("DER"));
        byte[] bArr3 = new byte[20];
        this.random.nextBytes(bArr3);
        C5366s c5366s7 = new C5366s();
        if (isPBKDF2(this.certAlgorithm)) {
            KE0 ke02 = new KE0(bArr3, MIN_ITERATIONS, getKeyLength(this.certAlgorithm), new C6264x4(WE0.d0, MB.Y));
            G g6 = WE0.O;
            C3730id0 c3730id0 = new C3730id0(WE0.N, ke02);
            G g7 = this.certAlgorithm;
            c6264x4 = new C6264x4(g6, new HE0(c3730id0, new XM(g7, getAlgParams(g7))));
        } else {
            c6264x4 = new C6264x4(this.certAlgorithm, new SE0(bArr3, MIN_ITERATIONS).c());
        }
        Hashtable hashtable = new Hashtable();
        Enumeration keys3 = this.keys.keys();
        while (keys3.hasMoreElements()) {
            try {
                String str6 = (String) keys3.nextElement();
                Certificate engineGetCertificate2 = engineGetCertificate(str6);
                C6264x4 c6264x43 = c6264x4;
                C1197Km c1197Km = new C1197Km(WE0.H0, new OB(engineGetCertificate2.getEncoded()));
                C5366s c5366s8 = new C5366s();
                if (engineGetCertificate2 instanceof PE0) {
                    PE0 pe02 = (PE0) engineGetCertificate2;
                    G g8 = WE0.D0;
                    AbstractC4146l abstractC4146l2 = (AbstractC4146l) pe02.d(g8);
                    if (z2) {
                        if (abstractC4146l2 != null) {
                            if (!abstractC4146l2.e().equals(str6)) {
                            }
                        }
                        pe02.f(g8, new EB(str6));
                    }
                    G g9 = WE0.E0;
                    if (pe02.d(g9) == null) {
                        pe02.f(g9, createSubjectKeyId(engineGetCertificate2.getPublicKey()));
                    }
                    Enumeration c2 = pe02.c();
                    z3 = false;
                    while (c2.hasMoreElements()) {
                        G g10 = (G) c2.nextElement();
                        Enumeration enumeration2 = c2;
                        C5366s c5366s9 = new C5366s();
                        c5366s9.a(g10);
                        c5366s9.a(new TB(pe02.d(g10)));
                        c5366s8.a(new SB(c5366s9));
                        c2 = enumeration2;
                        keys3 = keys3;
                        z3 = true;
                    }
                } else {
                    z3 = false;
                }
                Enumeration enumeration3 = keys3;
                if (!z3) {
                    C5366s c5366s10 = new C5366s();
                    c5366s10.a(WE0.E0);
                    c5366s10.a(new TB(createSubjectKeyId(engineGetCertificate2.getPublicKey())));
                    c5366s8.a(new SB(c5366s10));
                    C5366s c5366s11 = new C5366s();
                    c5366s11.a(WE0.D0);
                    c5366s11.a(new TB(new EB(str6)));
                    c5366s8.a(new SB(c5366s11));
                }
                c5366s7.a(new C6434y21(WE0.e2, c1197Km.c(), new TB(c5366s8)));
                hashtable.put(engineGetCertificate2, engineGetCertificate2);
                c6264x4 = c6264x43;
                keys3 = enumeration3;
            } catch (CertificateEncodingException e2) {
                throw new IOException("Error encoding certificate: " + e2.toString());
            }
        }
        C6264x4 c6264x44 = c6264x4;
        Enumeration keys4 = this.certs.keys();
        while (keys4.hasMoreElements()) {
            try {
                String str7 = (String) keys4.nextElement();
                Certificate certificate = (Certificate) this.certs.get(str7);
                if (this.keys.get(str7) == null) {
                    c5366s7.a(createSafeBag(str7, certificate, z2));
                    hashtable.put(certificate, certificate);
                }
            } catch (CertificateEncodingException e3) {
                throw new IOException("Error encoding certificate: " + e3.toString());
            }
        }
        Set usedCertificateSet = getUsedCertificateSet();
        Enumeration keys5 = this.chainCerts.keys();
        while (keys5.hasMoreElements()) {
            try {
                Certificate certificate2 = (Certificate) this.chainCerts.get((CertId) keys5.nextElement());
                if (usedCertificateSet.contains(certificate2) && hashtable.get(certificate2) == null) {
                    C1197Km c1197Km2 = new C1197Km(WE0.H0, new OB(certificate2.getEncoded()));
                    C5366s c5366s12 = new C5366s();
                    if (certificate2 instanceof PE0) {
                        PE0 pe03 = (PE0) certificate2;
                        Enumeration c3 = pe03.c();
                        while (c3.hasMoreElements()) {
                            G g11 = (G) c3.nextElement();
                            if (!g11.q(WE0.E0)) {
                                C5366s c5366s13 = new C5366s();
                                c5366s13.a(g11);
                                c5366s13.a(new TB(pe03.d(g11)));
                                c5366s12.a(new SB(c5366s13));
                            }
                        }
                    }
                    c5366s7.a(new C6434y21(WE0.e2, c1197Km2.c(), new TB(c5366s12)));
                }
            } catch (CertificateEncodingException e4) {
                throw new IOException("Error encoding certificate: " + e4.toString());
            }
        }
        byte[] cryptData = cryptData(true, c6264x44, cArr, false, new SB(c5366s7).j("DER"));
        G g12 = WE0.j0;
        C5534sy c5534sy = new C5534sy(g12, new C6191wg(new C6707ze(new C5534sy[]{new C5534sy(g12, c6191wg), new C5534sy(WE0.o0, new PM(g12, c6264x44, new C6191wg(cryptData)).c())}).j(z ? "DER" : str5)));
        byte[] bArr4 = new byte[this.saltLength];
        this.random.nextBytes(bArr4);
        byte[] x = ((H) c5534sy.k()).x();
        if (this.keyAlgorithm.q(InterfaceC6414xw0.W)) {
            c1791Tn0 = null;
        } else {
            try {
                c1791Tn0 = new C1791Tn0(new C5068qG(this.macAlgorithm, calculatePbeMac(this.macAlgorithm.k(), bArr4, this.itCount, cArr, false, x)), bArr4, this.itCount);
            } catch (Exception e5) {
                throw new IOException("error constructing MAC: " + e5.toString());
            }
        }
        new XJ0(c5534sy, c1791Tn0).i(outputStream, z ? "DER" : str5);
    }

    private L getAlgParams(G g) {
        if (g.q(InterfaceC6414xw0.A) || g.q(InterfaceC6414xw0.S)) {
            byte[] bArr = new byte[16];
            this.random.nextBytes(bArr);
            return new OB(bArr);
        }
        if (!g.q(InterfaceC6414xw0.E) && !g.q(InterfaceC6414xw0.W)) {
            throw new IllegalStateException("unknown encryption OID in getAlgParams()");
        }
        byte[] bArr2 = new byte[12];
        this.random.nextBytes(bArr2);
        return new SX(bArr2, 16).c();
    }

    private static byte[] getDigest(C2870do1 c2870do1) {
        InterfaceC4545nG b = C4720oG.b();
        byte[] bArr = new byte[b.getDigestSize()];
        byte[] v = c2870do1.m().v();
        b.update(v, 0, v.length);
        b.doFinal(bArr, 0);
        return bArr;
    }

    private static int getKeyLength(G g) {
        return (g.q(InterfaceC6414xw0.S) || g.q(InterfaceC6414xw0.W)) ? 32 : 16;
    }

    private Set getUsedCertificateSet() {
        HashSet hashSet = new HashSet();
        Enumeration keys = this.keys.keys();
        while (keys.hasMoreElements()) {
            Certificate[] engineGetCertificateChain = engineGetCertificateChain((String) keys.nextElement());
            for (int i = 0; i != engineGetCertificateChain.length; i++) {
                hashSet.add(engineGetCertificateChain[i]);
            }
        }
        Enumeration keys2 = this.certs.keys();
        while (keys2.hasMoreElements()) {
            hashSet.add(engineGetCertificate((String) keys2.nextElement()));
        }
        return hashSet;
    }

    private static boolean isPBKDF2(G g) {
        return g.q(InterfaceC6414xw0.S) || g.q(InterfaceC6414xw0.W) || g.q(InterfaceC6414xw0.A) || g.q(InterfaceC6414xw0.E);
    }

    private void processKeyBag(C6434y21 c6434y21) {
        String str;
        PrivateKey privateKey = BouncyCastleProvider.getPrivateKey(C3172fO0.l(c6434y21.m()));
        H h = null;
        String str2 = null;
        if (privateKey instanceof PE0) {
            PE0 pe0 = (PE0) privateKey;
            Enumeration y = c6434y21.k().y();
            H h2 = null;
            while (y.hasMoreElements()) {
                O w = O.w(y.nextElement());
                G A = G.A(w.y(0));
                P v = P.v(w.y(1));
                if (v.size() > 0) {
                    L l = (L) v.x(0);
                    r d = pe0.d(A);
                    if (d == null) {
                        pe0.f(A, l);
                    } else if (!d.c().q(l)) {
                        throw new IOException("attempt to add existing attribute with different value");
                    }
                    if (A.q(WE0.D0)) {
                        str2 = ((AbstractC4146l) l).e();
                        this.keys.put(str2, privateKey);
                    } else if (A.q(WE0.E0)) {
                        h2 = (H) l;
                    }
                }
            }
            str = str2;
            h = h2;
        } else {
            str = null;
        }
        String str3 = new String(W10.c(h.x()));
        if (str == null) {
            this.keys.put(str3, privateKey);
        } else {
            this.localIds.put(str, str3);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r4v11 */
    /* JADX WARN: Type inference failed for: r4v12 */
    /* JADX WARN: Type inference failed for: r4v13 */
    /* JADX WARN: Type inference failed for: r4v5 */
    /* JADX WARN: Type inference failed for: r4v6 */
    private boolean processShroudedKeyBag(C6434y21 c6434y21, char[] cArr, boolean z) {
        String str;
        H h;
        VM m = VM.m(c6434y21.m());
        PrivateKey unwrapKey = unwrapKey(m.l(), m.k(), cArr, z);
        H h2 = null;
        if (c6434y21.k() != null) {
            Enumeration y = c6434y21.k().y();
            str = null;
            H h3 = null;
            while (y.hasMoreElements()) {
                O o2 = (O) y.nextElement();
                G g = (G) o2.y(0);
                P p = (P) o2.y(1);
                if (p.size() > 0) {
                    L l = (L) p.x(0);
                    h = l;
                    if (unwrapKey instanceof PE0) {
                        PE0 pe0 = (PE0) unwrapKey;
                        r d = pe0.d(g);
                        if (d != null) {
                            boolean q = d.c().q(l);
                            h = l;
                            if (!q) {
                                throw new IOException("attempt to add existing attribute with different value");
                            }
                        } else {
                            pe0.f(g, l);
                            h = l;
                        }
                    }
                } else {
                    h = 0;
                }
                if (g.q(WE0.D0)) {
                    str = ((AbstractC4146l) h).e();
                    this.keys.put(str, unwrapKey);
                } else if (g.q(WE0.E0)) {
                    h3 = h;
                }
            }
            h2 = h3;
        } else {
            str = null;
        }
        if (h2 == null) {
            this.keys.put("unmarked", unwrapKey);
            return true;
        }
        String str2 = new String(W10.c(h2.x()));
        if (str == null) {
            this.keys.put(str2, unwrapKey);
        } else {
            this.localIds.put(str, str2);
        }
        return false;
    }

    private void syncFriendlyName() {
        r d;
        r d2;
        r d3;
        Enumeration keys = this.keys.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            PrivateKey privateKey = (PrivateKey) this.keys.get(str);
            if ((privateKey instanceof PE0) && (d3 = ((PE0) privateKey).d(WE0.D0)) != null && !str.equals(d3.toString())) {
                this.keys.put(d3.toString(), privateKey);
                this.keys.remove(str);
            }
        }
        Enumeration keys2 = this.certs.keys();
        while (keys2.hasMoreElements()) {
            String str2 = (String) keys2.nextElement();
            Object obj = (Certificate) this.certs.get(str2);
            if ((obj instanceof PE0) && (d2 = ((PE0) obj).d(WE0.D0)) != null && !str2.equals(d2.toString())) {
                this.certs.put(d2.toString(), obj);
                this.certs.remove(str2);
            }
        }
        Enumeration keys3 = this.keyCerts.keys();
        while (keys3.hasMoreElements()) {
            String str3 = (String) keys3.nextElement();
            Object obj2 = (Certificate) this.keyCerts.get(str3);
            if ((obj2 instanceof PE0) && (d = ((PE0) obj2).d(WE0.D0)) != null && !str3.equals(d.toString())) {
                this.keyCerts.put(d.toString(), obj2);
                this.keyCerts.remove(str3);
            }
        }
    }

    private int validateIterationCount(BigInteger bigInteger) {
        int g = C3219fi.g(bigInteger);
        if (g < 0) {
            throw new IllegalStateException("negative iteration count found");
        }
        BigInteger a = QO0.a(PKCS12_MAX_IT_COUNT_PROPERTY);
        if (a == null || C3219fi.g(a) >= g) {
            return g;
        }
        throw new IllegalStateException("iteration count " + g + " greater than " + C3219fi.g(a));
    }

    public byte[] cryptData(boolean z, C6264x4 c6264x4, char[] cArr, boolean z2, byte[] bArr) {
        G k = c6264x4.k();
        int i = z ? 1 : 2;
        if (k.F(WE0.i2)) {
            SE0 l = SE0.l(c6264x4.n());
            try {
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(l.k(), C3219fi.g(l.m()));
                RE0 re0 = new RE0(cArr, z2);
                Cipher d = this.helper.d(k.z());
                d.init(i, re0, pBEParameterSpec);
                return d.doFinal(bArr);
            } catch (Exception e) {
                throw new IOException("exception decrypting data - " + e.toString());
            }
        }
        if (!k.q(WE0.O)) {
            throw new IOException("unknown PBE algorithm: " + k);
        }
        try {
            return createCipher(i, cArr, c6264x4).doFinal(bArr);
        } catch (Exception e2) {
            throw new IOException("exception decrypting data - " + e2.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        Hashtable hashtable = new Hashtable();
        Enumeration keys = this.certs.keys();
        while (keys.hasMoreElements()) {
            hashtable.put(keys.nextElement(), "cert");
        }
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            String str = (String) keys2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return (this.certs.get(str) == null && this.keys.get(str) == null) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        String str2;
        Certificate certificate;
        Certificate certificate2 = (Certificate) this.certs.remove(str);
        if (certificate2 != null) {
            this.chainCerts.remove(new CertId(certificate2.getPublicKey()));
        }
        if (((Key) this.keys.remove(str)) == null || (str2 = (String) this.localIds.remove(str)) == null || (certificate = (Certificate) this.keyCerts.remove(str2)) == null) {
            return;
        }
        this.chainCerts.remove(new CertId(certificate.getPublicKey()));
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getCertificate.");
        }
        Certificate certificate = (Certificate) this.certs.get(str);
        if (certificate != null) {
            return certificate;
        }
        String str2 = (String) this.localIds.get(str);
        return (Certificate) (str2 != null ? this.keyCerts.get(str2) : this.keyCerts.get(str));
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration elements = this.certs.elements();
        Enumeration keys = this.certs.keys();
        while (elements.hasMoreElements()) {
            Certificate certificate2 = (Certificate) elements.nextElement();
            String str = (String) keys.nextElement();
            if (certificate2.equals(certificate)) {
                return str;
            }
        }
        Enumeration elements2 = this.keyCerts.elements();
        Enumeration keys2 = this.keyCerts.keys();
        while (elements2.hasMoreElements()) {
            Certificate certificate3 = (Certificate) elements2.nextElement();
            String str2 = (String) keys2.nextElement();
            if (certificate3.equals(certificate)) {
                return str2;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        byte[] l;
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getCertificateChain.");
        }
        Certificate[] certificateArr = null;
        if (!engineIsKeyEntry(str)) {
            return null;
        }
        Certificate engineGetCertificate = engineGetCertificate(str);
        if (engineGetCertificate != null) {
            Vector vector = new Vector();
            while (engineGetCertificate != null) {
                X509Certificate x509Certificate = (X509Certificate) engineGetCertificate;
                byte[] extensionValue = x509Certificate.getExtensionValue(C5093qP.A4.z());
                Certificate certificate = (extensionValue == null || (l = C0711De.k(H.v(extensionValue).x()).l()) == null) ? null : (Certificate) this.chainCerts.get(new CertId(l));
                if (certificate == null) {
                    Principal issuerDN = x509Certificate.getIssuerDN();
                    if (!issuerDN.equals(x509Certificate.getSubjectDN())) {
                        Enumeration keys = this.chainCerts.keys();
                        while (true) {
                            if (!keys.hasMoreElements()) {
                                break;
                            }
                            X509Certificate x509Certificate2 = (X509Certificate) this.chainCerts.get(keys.nextElement());
                            if (x509Certificate2.getSubjectDN().equals(issuerDN)) {
                                try {
                                    x509Certificate.verify(x509Certificate2.getPublicKey());
                                    certificate = x509Certificate2;
                                    break;
                                } catch (Exception unused) {
                                }
                            }
                        }
                    }
                }
                if (!vector.contains(engineGetCertificate)) {
                    vector.addElement(engineGetCertificate);
                    if (certificate != engineGetCertificate) {
                        engineGetCertificate = certificate;
                    }
                }
                engineGetCertificate = null;
            }
            int size = vector.size();
            certificateArr = new Certificate[size];
            for (int i = 0; i != size; i++) {
                certificateArr[i] = (Certificate) vector.elementAt(i);
            }
        }
        return certificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        if (str == null) {
            throw new NullPointerException("alias == null");
        }
        if (this.keys.get(str) == null && this.certs.get(str) == null) {
            return null;
        }
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        if (str != null) {
            return (Key) this.keys.get(str);
        }
        throw new IllegalArgumentException("null alias passed to getKey.");
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.certs.get(str) != null && this.keys.get(str) == null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.keys.get(str) != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:109:0x0362  */
    /* JADX WARN: Removed duplicated region for block: B:113:0x0369  */
    /* JADX WARN: Type inference failed for: r3v8, types: [org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi$IgnoresCaseHashtable] */
    /* JADX WARN: Type inference failed for: r4v6, types: [java.security.cert.Certificate, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r6v16 */
    /* JADX WARN: Type inference failed for: r6v17 */
    /* JADX WARN: Type inference failed for: r6v18 */
    /* JADX WARN: Type inference failed for: r6v19 */
    /* JADX WARN: Type inference failed for: r6v20 */
    /* JADX WARN: Type inference failed for: r6v34 */
    /* JADX WARN: Type inference failed for: r6v35 */
    /* JADX WARN: Type inference failed for: r6v36 */
    /* JADX WARN: Type inference failed for: r6v4 */
    /* JADX WARN: Type inference failed for: r6v5, types: [o.H] */
    @Override // java.security.KeyStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void engineLoad(java.io.InputStream r19, char[] r20) {
        /*
            Method dump skipped, instructions count: 1087
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(java.io.InputStream, char[]):void");
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
        if (loadStoreParameter == null) {
            engineLoad(null, null);
        } else {
            if (loadStoreParameter instanceof C1046If) {
                engineLoad(((C1046If) loadStoreParameter).a(), ParameterUtil.extractPassword(loadStoreParameter));
                return;
            }
            throw new IllegalArgumentException("no support for 'param' of type " + loadStoreParameter.getClass().getName());
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineProbe(InputStream inputStream) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        if (this.keys.get(str) == null) {
            this.certs.put(str, certificate);
            this.chainCerts.put(new CertId(certificate.getPublicKey()), certificate);
        } else {
            throw new KeyStoreException("There is a key entry with the name " + str + ".");
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        if (!(key instanceof PrivateKey)) {
            throw new KeyStoreException("PKCS12 does not support non-PrivateKeys");
        }
        if (PC0.a(key) && certificateArr == null) {
            throw new KeyStoreException("no certificate chain for private key");
        }
        if (this.keys.get(str) != null) {
            engineDeleteEntry(str);
        }
        this.keys.put(str, key);
        if (certificateArr != null) {
            this.certs.put(str, certificateArr[0]);
            for (int i = 0; i != certificateArr.length; i++) {
                this.chainCerts.put(new CertId(certificateArr[i].getPublicKey()), certificateArr[i]);
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        throw new RuntimeException("operation not supported");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        Hashtable hashtable = new Hashtable();
        Enumeration keys = this.certs.keys();
        while (keys.hasMoreElements()) {
            hashtable.put(keys.nextElement(), "cert");
        }
        Enumeration keys2 = this.keys.keys();
        while (keys2.hasMoreElements()) {
            String str = (String) keys2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        doStore(outputStream, cArr, false, true);
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) {
        UE0 ue0;
        char[] password;
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'param' arg cannot be null");
        }
        boolean z = loadStoreParameter instanceof UE0;
        if (!z && !(loadStoreParameter instanceof C1557Qa0)) {
            throw new IllegalArgumentException("No support for 'param' of type " + loadStoreParameter.getClass().getName());
        }
        if (z) {
            ue0 = (UE0) loadStoreParameter;
        } else {
            C1557Qa0 c1557Qa0 = (C1557Qa0) loadStoreParameter;
            ue0 = new UE0(c1557Qa0.a(), loadStoreParameter.getProtectionParameter(), c1557Qa0.c(), c1557Qa0.b());
        }
        KeyStore.ProtectionParameter protectionParameter = loadStoreParameter.getProtectionParameter();
        if (protectionParameter == null) {
            password = null;
        } else {
            if (!(protectionParameter instanceof KeyStore.PasswordProtection)) {
                throw new IllegalArgumentException("No support for protection parameter of type " + protectionParameter.getClass().getName());
            }
            password = ((KeyStore.PasswordProtection) protectionParameter).getPassword();
        }
        doStore(ue0.a(), password, ue0.b(), ue0.c());
    }

    public void setRandom(SecureRandom secureRandom) {
        this.random = secureRandom;
    }

    public PrivateKey unwrapKey(C6264x4 c6264x4, byte[] bArr, char[] cArr, boolean z) {
        Key unwrap;
        G k = c6264x4.k();
        try {
            if (k.F(WE0.i2)) {
                SE0 l = SE0.l(c6264x4.n());
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(l.k(), validateIterationCount(l.m()));
                Cipher d = this.helper.d(k.z());
                d.init(4, new RE0(cArr, z), pBEParameterSpec);
                unwrap = d.unwrap(bArr, "", 2);
            } else {
                if (!k.q(WE0.O)) {
                    throw new IOException("exception unwrapping private key - cannot recognise: " + k);
                }
                unwrap = createCipher(4, cArr, c6264x4).unwrap(bArr, "", 2);
            }
            return (PrivateKey) unwrap;
        } catch (Exception e) {
            throw new IOException("exception unwrapping private key - " + e.toString());
        }
    }

    public byte[] wrapKey(String str, Key key, SE0 se0, char[] cArr) {
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory h = this.helper.h(str);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(se0.k(), C3219fi.g(se0.m()));
            Cipher d = this.helper.d(str);
            d.init(3, h.generateSecret(pBEKeySpec), pBEParameterSpec);
            return d.wrap(key);
        } catch (Exception e) {
            throw new IOException("exception encrypting data - " + e.toString());
        }
    }

    public byte[] wrapKey(XM xm, Key key, KE0 ke0, char[] cArr) {
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr, ke0.o(), C3219fi.g(ke0.l()), C3219fi.g(ke0.m()) * 8);
        try {
            SecretKeyFactory h = this.helper.h("PBKDF2withHMacSHA256");
            Cipher d = this.helper.d(xm.k().z());
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(xm.k().z());
            algorithmParameters.init(xm.m().c().getEncoded());
            d.init(3, h.generateSecret(pBEKeySpec), algorithmParameters);
            return d.wrap(key);
        } catch (Exception e) {
            throw new IOException("exception encrypting data - " + e.toString());
        }
    }
}
