package org.bouncycastle.jcajce.provider.keystore.bcfks;

import a2.a.a.c2.e;
import a2.a.a.c2.i;
import a2.a.a.c3.b;
import a2.a.a.c3.y0;
import a2.a.a.d3.m;
import a2.a.a.n;
import a2.a.a.s;
import a2.a.a.v0;
import a2.a.a.w2.f;
import a2.a.a.w2.g;
import a2.a.a.w2.h;
import a2.a.a.w2.k;
import a2.a.a.w2.l;
import a2.a.a.w2.p;
import a2.a.b.d0.a0;
import a2.a.b.d0.z;
import a2.a.b.h0.v;
import a2.a.b.u;
import a2.a.c.a;
import a2.a.c.w.c;
import a2.a.e.b.y.c.h2;
import a2.a.g.j;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAKey;
import java.security.interfaces.RSAKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.ParseException;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import kotlin.reflect.a.a.w0.g.d;

/* loaded from: classes8.dex */
public class BcFKSKeyStoreSpi extends KeyStoreSpi {
    private static final BigInteger CERTIFICATE;
    private static final BigInteger PRIVATE_KEY;
    private static final BigInteger PROTECTED_PRIVATE_KEY;
    private static final BigInteger PROTECTED_SECRET_KEY;
    private static final BigInteger SECRET_KEY;
    private static final Map<String, n> oidMap;
    private static final Map<n, String> publicAlgMap;
    private Date creationDate;
    private final c helper;
    private b hmacAlgorithm;
    private h hmacPkbdAlgorithm;
    private Date lastModifiedDate;
    private b signatureAlgorithm;
    private a.InterfaceC0007a validator;
    private PublicKey verificationKey;
    private final Map<String, e> entries = new HashMap();
    private final Map<String, PrivateKey> privateKeyCache = new HashMap();
    private n storeEncryptionAlgorithm = a2.a.a.r2.b.P;

    /* loaded from: classes8.dex */
    public static class Def extends BcFKSKeyStoreSpi {
        public Def() {
            super(new a2.a.c.w.b());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes8.dex */
    public static class DefShared extends SharedKeyStoreSpi {
        public DefShared() {
            super(new a2.a.c.w.b());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes8.dex */
    public static class ExtKeyStoreException extends KeyStoreException {
        private final Throwable cause;

        public ExtKeyStoreException(String str, Throwable th) {
            super(str);
            this.cause = th;
        }

        @Override // java.lang.Throwable
        public Throwable getCause() {
            return this.cause;
        }
    }

    /* loaded from: classes8.dex */
    public static class SharedKeyStoreSpi extends BcFKSKeyStoreSpi implements a2.a.a.w2.n, y0 {
        private final Map<String, byte[]> cache;
        private final byte[] seedKey;

        public SharedKeyStoreSpi(c cVar) {
            super(cVar);
            try {
                byte[] bArr = new byte[32];
                this.seedKey = bArr;
                cVar.a("DEFAULT").nextBytes(bArr);
                this.cache = new HashMap();
            } catch (GeneralSecurityException e) {
                StringBuilder a0 = c.i.a.a.a.a0("can't create random - ");
                a0.append(e.toString());
                throw new IllegalArgumentException(a0.toString());
            }
        }

        private byte[] calculateMac(String str, char[] cArr) throws NoSuchAlgorithmException, InvalidKeyException {
            byte[] R;
            if (cArr != null) {
                R = h2.R(j.f(cArr), j.f(str.toCharArray()));
            } else {
                byte[] bArr = this.seedKey;
                String str2 = j.a;
                R = h2.R(bArr, j.f(str.toCharArray()));
            }
            return d.v1(R, this.seedKey, 16384, 8, 1, 32);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineDeleteEntry(String str) throws KeyStoreException {
            throw new KeyStoreException("delete operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            try {
                byte[] calculateMac = calculateMac(str, cArr);
                if (this.cache.containsKey(str) && !h2.U(this.cache.get(str), calculateMac)) {
                    throw new UnrecoverableKeyException(c.i.a.a.a.j("unable to recover key (", str, ")"));
                }
                Key engineGetKey = super.engineGetKey(str, cArr);
                if (engineGetKey != null && !this.cache.containsKey(str)) {
                    this.cache.put(str, calculateMac);
                }
                return engineGetKey;
            } catch (InvalidKeyException e) {
                StringBuilder g0 = c.i.a.a.a.g0("unable to recover key (", str, "): ");
                g0.append(e.getMessage());
                throw new UnrecoverableKeyException(g0.toString());
            }
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            throw new KeyStoreException("set operation not supported in shared mode");
        }
    }

    /* loaded from: classes8.dex */
    public static class Std extends BcFKSKeyStoreSpi {
        public Std() {
            super(new a2.a.c.w.a());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes8.dex */
    public static class StdShared extends SharedKeyStoreSpi {
        public StdShared() {
            super(new a2.a.c.w.a());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) throws KeyStoreException {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
            super.engineStore(loadStoreParameter);
        }
    }

    static {
        HashMap hashMap = new HashMap();
        oidMap = hashMap;
        HashMap hashMap2 = new HashMap();
        publicAlgMap = hashMap2;
        n nVar = a2.a.a.v2.b.e;
        hashMap.put("DESEDE", nVar);
        hashMap.put("TRIPLEDES", nVar);
        hashMap.put("TDEA", nVar);
        hashMap.put("HMACSHA1", a2.a.a.w2.n.W);
        hashMap.put("HMACSHA224", a2.a.a.w2.n.X);
        hashMap.put("HMACSHA256", a2.a.a.w2.n.Y);
        hashMap.put("HMACSHA384", a2.a.a.w2.n.Z);
        hashMap.put("HMACSHA512", a2.a.a.w2.n.a0);
        hashMap.put("SEED", a2.a.a.p2.a.a);
        hashMap.put("CAMELLIA.128", a2.a.a.t2.a.a);
        hashMap.put("CAMELLIA.192", a2.a.a.t2.a.b);
        hashMap.put("CAMELLIA.256", a2.a.a.t2.a.f178c);
        hashMap.put("ARIA.128", a2.a.a.s2.a.e);
        hashMap.put("ARIA.192", a2.a.a.s2.a.i);
        hashMap.put("ARIA.256", a2.a.a.s2.a.m);
        hashMap2.put(a2.a.a.w2.n.k, "RSA");
        hashMap2.put(m.f1, "EC");
        hashMap2.put(a2.a.a.v2.b.i, "DH");
        hashMap2.put(a2.a.a.w2.n.E, "DH");
        hashMap2.put(m.L1, "DSA");
        CERTIFICATE = BigInteger.valueOf(0L);
        PRIVATE_KEY = BigInteger.valueOf(1L);
        SECRET_KEY = BigInteger.valueOf(2L);
        PROTECTED_PRIVATE_KEY = BigInteger.valueOf(3L);
        PROTECTED_SECRET_KEY = BigInteger.valueOf(4L);
    }

    public BcFKSKeyStoreSpi(c cVar) {
        this.helper = cVar;
    }

    private byte[] calculateMac(byte[] bArr, b bVar, h hVar, char[] cArr) throws NoSuchAlgorithmException, IOException, NoSuchProviderException {
        String str = bVar.f42c.d;
        Mac d = this.helper.d(str);
        try {
            if (cArr == null) {
                cArr = new char[0];
            }
            d.init(new SecretKeySpec(generateKey(hVar, "INTEGRITY_CHECK", cArr, -1), str));
            return d.doFinal(bArr);
        } catch (InvalidKeyException e) {
            StringBuilder a0 = c.i.a.a.a.a0("Cannot set up MAC calculation: ");
            a0.append(e.getMessage());
            throw new IOException(a0.toString());
        }
    }

    private Cipher createCipher(String str, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        Cipher c2 = this.helper.c(str);
        c2.init(1, new SecretKeySpec(bArr, "AES"));
        return c2;
    }

    private a2.a.a.c2.c createPrivateKeySequence(f fVar, Certificate[] certificateArr) throws CertificateEncodingException {
        a2.a.a.c3.n[] nVarArr = new a2.a.a.c3.n[certificateArr.length];
        for (int i = 0; i != certificateArr.length; i++) {
            nVarArr[i] = a2.a.a.c3.n.p(certificateArr[i].getEncoded());
        }
        return new a2.a.a.c2.c(fVar, nVarArr);
    }

    private Certificate decodeCertificate(Object obj) {
        c cVar = this.helper;
        if (cVar != null) {
            try {
                return cVar.e("X.509").generateCertificate(new ByteArrayInputStream(a2.a.a.c3.n.p(obj).getEncoded()));
            } catch (Exception unused) {
                return null;
            }
        }
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(a2.a.a.c3.n.p(obj).getEncoded()));
        } catch (Exception unused2) {
            return null;
        }
    }

    private byte[] decryptData(String str, b bVar, char[] cArr, byte[] bArr) throws IOException {
        Cipher c2;
        AlgorithmParameters algorithmParameters;
        if (!bVar.f42c.v(a2.a.a.w2.n.M)) {
            throw new IOException("BCFKS KeyStore cannot recognize protection algorithm.");
        }
        k p = k.p(bVar.d);
        g gVar = p.d;
        try {
            if (gVar.f207c.f42c.v(a2.a.a.r2.b.P)) {
                c2 = this.helper.c("AES/CCM/NoPadding");
                algorithmParameters = this.helper.f("CCM");
                algorithmParameters.init(a2.a.a.e2.a.p(gVar.f207c.d).getEncoded());
            } else {
                if (!gVar.f207c.f42c.v(a2.a.a.r2.b.Q)) {
                    throw new IOException("BCFKS KeyStore cannot recognize protection encryption algorithm.");
                }
                c2 = this.helper.c("AESKWP");
                algorithmParameters = null;
            }
            h hVar = p.f211c;
            if (cArr == null) {
                cArr = new char[0];
            }
            c2.init(2, new SecretKeySpec(generateKey(hVar, str, cArr, 32), "AES"), algorithmParameters);
            return c2.doFinal(bArr);
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new IOException(e2.toString());
        }
    }

    private Date extractCreationDate(e eVar, Date date) {
        try {
            return eVar.q.D();
        } catch (ParseException unused) {
            return date;
        }
    }

    private char[] extractPassword(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException {
        KeyStore.ProtectionParameter protectionParameter = loadStoreParameter.getProtectionParameter();
        if (protectionParameter == null) {
            return null;
        }
        if (protectionParameter instanceof KeyStore.PasswordProtection) {
            return ((KeyStore.PasswordProtection) protectionParameter).getPassword();
        }
        if (!(protectionParameter instanceof KeyStore.CallbackHandlerProtection)) {
            StringBuilder a0 = c.i.a.a.a.a0("no support for protection parameter of type ");
            a0.append(protectionParameter.getClass().getName());
            throw new IllegalArgumentException(a0.toString());
        }
        CallbackHandler callbackHandler = ((KeyStore.CallbackHandlerProtection) protectionParameter).getCallbackHandler();
        PasswordCallback passwordCallback = new PasswordCallback("password: ", false);
        try {
            callbackHandler.handle(new Callback[]{passwordCallback});
            return passwordCallback.getPassword();
        } catch (UnsupportedCallbackException e) {
            StringBuilder a02 = c.i.a.a.a.a0("PasswordCallback not recognised: ");
            a02.append(e.getMessage());
            throw new IllegalArgumentException(a02.toString(), e);
        }
    }

    private byte[] generateKey(h hVar, String str, char[] cArr, int i) throws IOException {
        byte[] PKCS12PasswordToBytes = u.PKCS12PasswordToBytes(cArr);
        byte[] PKCS12PasswordToBytes2 = u.PKCS12PasswordToBytes(str.toCharArray());
        if (a2.a.a.q2.c.f167y.v(hVar.f208c.f42c)) {
            a2.a.a.q2.f p = a2.a.a.q2.f.p(hVar.f208c.d);
            BigInteger bigInteger = p.x;
            if (bigInteger != null) {
                i = bigInteger.intValue();
            } else if (i == -1) {
                throw new IOException("no keyLength found in ScryptParams");
            }
            return d.v1(h2.R(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), p.r(), p.d.intValue(), p.q.intValue(), p.q.intValue(), i);
        }
        if (!hVar.f208c.f42c.v(a2.a.a.w2.n.N)) {
            throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
        }
        l p2 = l.p(hVar.f208c.d);
        if (p2.t() != null) {
            i = p2.t().intValue();
        } else if (i == -1) {
            throw new IOException("no keyLength found in PBKDF2Params");
        }
        if (p2.u().f42c.v(a2.a.a.w2.n.a0)) {
            v vVar = new v(new a0());
            vVar.init(h2.R(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), p2.d.f159c, p2.r().intValue());
            return ((a2.a.b.m0.y0) vVar.generateDerivedParameters(i * 8)).f388c;
        }
        if (p2.u().f42c.v(a2.a.a.r2.b.r)) {
            v vVar2 = new v(new z(512));
            vVar2.init(h2.R(PKCS12PasswordToBytes, PKCS12PasswordToBytes2), p2.d.f159c, p2.r().intValue());
            return ((a2.a.b.m0.y0) vVar2.generateDerivedParameters(i * 8)).f388c;
        }
        StringBuilder a0 = c.i.a.a.a.a0("BCFKS KeyStore: unrecognized MAC PBKD PRF: ");
        a0.append(p2.u().f42c);
        throw new IOException(a0.toString());
    }

    private h generatePkbdAlgorithmIdentifier(n nVar, int i) {
        byte[] bArr = new byte[64];
        getDefaultSecureRandom().nextBytes(bArr);
        n nVar2 = a2.a.a.w2.n.N;
        if (nVar2.v(nVar)) {
            return new h(nVar2, new l(bArr, 51200, i, new b(a2.a.a.w2.n.a0, v0.f196c)));
        }
        throw new IllegalStateException("unknown derivation algorithm: " + nVar);
    }

    private h generatePkbdAlgorithmIdentifier(h hVar, int i) {
        n nVar = a2.a.a.q2.c.f167y;
        if (nVar.v(hVar.f208c.f42c)) {
            a2.a.a.q2.f p = a2.a.a.q2.f.p(hVar.f208c.d);
            byte[] bArr = new byte[p.r().length];
            getDefaultSecureRandom().nextBytes(bArr);
            return new h(nVar, new a2.a.a.q2.f(bArr, p.d, p.q, p.t, BigInteger.valueOf(i)));
        }
        l p2 = l.p(hVar.f208c.d);
        byte[] bArr2 = new byte[p2.d.f159c.length];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new h(a2.a.a.w2.n.N, new l(bArr2, p2.r().intValue(), i, p2.u()));
    }

    private h generatePkbdAlgorithmIdentifier(a2.a.b.q0.c cVar, int i) {
        n nVar = a2.a.a.q2.c.f167y;
        Objects.requireNonNull(cVar);
        if (nVar.v(null)) {
            byte[] bArr = new byte[0];
            getDefaultSecureRandom().nextBytes(bArr);
            return new h(nVar, new a2.a.a.q2.f(bArr, 0, 0, 0, i));
        }
        byte[] bArr2 = new byte[0];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new h(a2.a.a.w2.n.N, new l(bArr2, 0, i, null));
    }

    private b generateSignatureAlgId(Key key, a.b bVar) throws IOException {
        if (key == null) {
            return null;
        }
        if (key instanceof a2.a.d.d.a) {
            if (bVar == a.b.SHA512withECDSA) {
                return new b(m.k1);
            }
            if (bVar == a.b.SHA3_512withECDSA) {
                return new b(a2.a.a.r2.b.d0);
            }
        }
        if (key instanceof DSAKey) {
            if (bVar == a.b.SHA512withDSA) {
                return new b(a2.a.a.r2.b.V);
            }
            if (bVar == a.b.SHA3_512withDSA) {
                return new b(a2.a.a.r2.b.Z);
            }
        }
        if (key instanceof RSAKey) {
            if (bVar == a.b.SHA512withRSA) {
                return new b(a2.a.a.w2.n.z, v0.f196c);
            }
            if (bVar == a.b.SHA3_512withRSA) {
                return new b(a2.a.a.r2.b.h0, v0.f196c);
            }
        }
        throw new IOException("unknown signature algorithm");
    }

    private SecureRandom getDefaultSecureRandom() {
        return a2.a.b.k.a();
    }

    private a2.a.a.c2.b getEncryptedObjectStoreData(b bVar, char[] cArr) throws IOException, NoSuchAlgorithmException {
        e[] eVarArr = (e[]) this.entries.values().toArray(new e[this.entries.size()]);
        h generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(this.hmacPkbdAlgorithm, 32);
        if (cArr == null) {
            cArr = new char[0];
        }
        byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "STORE_ENCRYPTION", cArr, 32);
        a2.a.a.c2.h hVar = new a2.a.a.c2.h(bVar, this.creationDate, this.lastModifiedDate, new a2.a.a.c2.f(eVarArr), null);
        try {
            n nVar = this.storeEncryptionAlgorithm;
            n nVar2 = a2.a.a.r2.b.P;
            if (!nVar.v(nVar2)) {
                return new a2.a.a.c2.b(new b(a2.a.a.w2.n.M, new k(generatePkbdAlgorithmIdentifier, new g(a2.a.a.r2.b.Q))), createCipher("AESKWP", generateKey).doFinal(hVar.getEncoded()));
            }
            Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
            return new a2.a.a.c2.b(new b(a2.a.a.w2.n.M, new k(generatePkbdAlgorithmIdentifier, new g(nVar2, a2.a.a.e2.a.p(createCipher.getParameters().getEncoded())))), createCipher.doFinal(hVar.getEncoded()));
        } catch (InvalidKeyException e) {
            throw new IOException(e.toString());
        } catch (NoSuchProviderException e2) {
            throw new IOException(e2.toString());
        } catch (BadPaddingException e3) {
            throw new IOException(e3.toString());
        } catch (IllegalBlockSizeException e4) {
            throw new IOException(e4.toString());
        } catch (NoSuchPaddingException e5) {
            throw new NoSuchAlgorithmException(e5.toString());
        }
    }

    private static String getPublicKeyAlg(n nVar) {
        String str = publicAlgMap.get(nVar);
        return str != null ? str : nVar.d;
    }

    private boolean isSimilarHmacPbkd(a2.a.b.q0.c cVar, h hVar) {
        Objects.requireNonNull(cVar);
        n nVar = hVar.f208c.f42c;
        throw null;
    }

    private void verifyMac(byte[] bArr, a2.a.a.c2.j jVar, char[] cArr) throws NoSuchAlgorithmException, IOException, NoSuchProviderException {
        if (!h2.U(calculateMac(bArr, jVar.f37c, jVar.d, cArr), h2.I(jVar.q.f159c))) {
            throw new IOException("BCFKS KeyStore corrupted: MAC calculation failed");
        }
    }

    private void verifySig(a2.a.a.e eVar, a2.a.a.c2.l lVar, PublicKey publicKey) throws GeneralSecurityException, IOException {
        Signature createSignature = this.helper.createSignature(lVar.f39c.f42c.d);
        createSignature.initVerify(publicKey);
        createSignature.update(eVar.d().m("DER"));
        byte[] A = lVar.q.A();
        int i = lVar.q.q;
        Objects.requireNonNull(A, "'data' cannot be null");
        if (A.length == 0 && i != 0) {
            throw new IllegalArgumentException("zero length data with non-zero pad bits");
        }
        if (i > 7 || i < 0) {
            throw new IllegalArgumentException("pad bits cannot be greater than 7 or less than 0");
        }
        byte[] I = h2.I(A);
        if (i != 0) {
            throw new IllegalStateException("attempt to get non-octet aligned data from BIT STRING");
        }
        if (!createSignature.verify(h2.I(I))) {
            throw new IOException("BCFKS KeyStore corrupted: signature calculation failed");
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        final Iterator it = new HashSet(this.entries.keySet()).iterator();
        return new Enumeration() { // from class: org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.1
            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                return it.hasNext();
            }

            @Override // java.util.Enumeration
            public Object nextElement() {
                return it.next();
            }
        };
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        Objects.requireNonNull(str, "alias value is null");
        return this.entries.containsKey(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (this.entries.get(str) == null) {
            return;
        }
        this.privateKeyCache.remove(str);
        this.entries.remove(str);
        this.lastModifiedDate = new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        e eVar = this.entries.get(str);
        if (eVar == null) {
            return null;
        }
        if (eVar.f30c.equals(PRIVATE_KEY) || eVar.f30c.equals(PROTECTED_PRIVATE_KEY)) {
            return decodeCertificate(a2.a.a.c2.c.r(eVar.p()).p()[0]);
        }
        if (eVar.f30c.equals(CERTIFICATE)) {
            return decodeCertificate(eVar.p());
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            byte[] encoded = certificate.getEncoded();
            for (String str : this.entries.keySet()) {
                e eVar = this.entries.get(str);
                if (eVar.f30c.equals(CERTIFICATE)) {
                    if (Arrays.equals(eVar.p(), encoded)) {
                        return str;
                    }
                } else if (eVar.f30c.equals(PRIVATE_KEY) || eVar.f30c.equals(PROTECTED_PRIVATE_KEY)) {
                    try {
                        if (Arrays.equals(a2.a.a.c2.c.r(eVar.p()).p()[0].f67c.getEncoded(), encoded)) {
                            return str;
                        }
                    } catch (IOException unused) {
                    }
                }
            }
        } catch (CertificateEncodingException unused2) {
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        e eVar = this.entries.get(str);
        if (eVar == null) {
            return null;
        }
        if (!eVar.f30c.equals(PRIVATE_KEY) && !eVar.f30c.equals(PROTECTED_PRIVATE_KEY)) {
            return null;
        }
        a2.a.a.c3.n[] p = a2.a.a.c2.c.r(eVar.p()).p();
        int length = p.length;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i = 0; i != length; i++) {
            x509CertificateArr[i] = decodeCertificate(p[i]);
        }
        return x509CertificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        e eVar = this.entries.get(str);
        if (eVar == null) {
            return null;
        }
        try {
            return eVar.t.D();
        } catch (ParseException unused) {
            return new Date();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        e eVar = this.entries.get(str);
        a2.a.a.c2.k kVar = null;
        if (eVar == null) {
            return null;
        }
        if (eVar.f30c.equals(PRIVATE_KEY) || eVar.f30c.equals(PROTECTED_PRIVATE_KEY)) {
            PrivateKey privateKey = this.privateKeyCache.get(str);
            if (privateKey != null) {
                return privateKey;
            }
            f p = f.p(a2.a.a.c2.c.r(eVar.p()).f28c);
            try {
                p p2 = p.p(decryptData("PRIVATE_KEY_ENCRYPTION", p.f206c, cArr, p.d.f159c));
                PrivateKey generatePrivate = this.helper.h(getPublicKeyAlg(p2.d.f42c)).generatePrivate(new PKCS8EncodedKeySpec(p2.getEncoded()));
                this.privateKeyCache.put(str, generatePrivate);
                return generatePrivate;
            } catch (Exception e) {
                throw new UnrecoverableKeyException(c.i.a.a.a.B3(e, c.i.a.a.a.g0("BCFKS KeyStore unable to recover private key (", str, "): ")));
            }
        }
        if (!eVar.f30c.equals(SECRET_KEY) && !eVar.f30c.equals(PROTECTED_SECRET_KEY)) {
            throw new UnrecoverableKeyException(c.i.a.a.a.j("BCFKS KeyStore unable to recover secret key (", str, "): type not recognized"));
        }
        byte[] p3 = eVar.p();
        a2.a.a.c2.d dVar = p3 instanceof a2.a.a.c2.d ? (a2.a.a.c2.d) p3 : p3 != 0 ? new a2.a.a.c2.d(s.A(p3)) : null;
        try {
            byte[] decryptData = decryptData("SECRET_KEY_ENCRYPTION", dVar.f29c, cArr, h2.I(dVar.d.f159c));
            if (decryptData instanceof a2.a.a.c2.k) {
                kVar = (a2.a.a.c2.k) decryptData;
            } else if (decryptData != 0) {
                kVar = new a2.a.a.c2.k(s.A(decryptData));
            }
            return this.helper.g(kVar.f38c.d).generateSecret(new SecretKeySpec(h2.I(kVar.d.f159c), kVar.f38c.d));
        } catch (Exception e2) {
            throw new UnrecoverableKeyException(c.i.a.a.a.B3(e2, c.i.a.a.a.g0("BCFKS KeyStore unable to recover secret key (", str, "): ")));
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        e eVar = this.entries.get(str);
        if (eVar != null) {
            return eVar.f30c.equals(CERTIFICATE);
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        e eVar = this.entries.get(str);
        if (eVar == null) {
            return false;
        }
        BigInteger bigInteger = eVar.f30c;
        return bigInteger.equals(PRIVATE_KEY) || bigInteger.equals(SECRET_KEY) || bigInteger.equals(PROTECTED_PRIVATE_KEY) || bigInteger.equals(PROTECTED_SECRET_KEY);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        a2.a.a.e eVar;
        PublicKey publicKey;
        b bVar;
        a2.a.a.c2.h p;
        this.entries.clear();
        this.privateKeyCache.clear();
        a2.a.a.c3.n[] nVarArr = null;
        this.creationDate = null;
        this.lastModifiedDate = null;
        this.hmacAlgorithm = null;
        if (inputStream == null) {
            Date date = new Date();
            this.creationDate = date;
            this.lastModifiedDate = date;
            this.verificationKey = null;
            this.validator = null;
            this.hmacAlgorithm = new b(a2.a.a.w2.n.a0, v0.f196c);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(a2.a.a.w2.n.N, 64);
            return;
        }
        try {
            a2.a.a.m k = new a2.a.a.j(inputStream).k();
            a2.a.a.c2.g gVar = k instanceof a2.a.a.c2.g ? (a2.a.a.c2.g) k : k != null ? new a2.a.a.c2.g(s.A(k)) : null;
            i iVar = gVar.d;
            int i = iVar.f36c;
            if (i == 0) {
                a2.a.a.c2.j p2 = a2.a.a.c2.j.p(iVar.d);
                bVar = p2.f37c;
                this.hmacAlgorithm = bVar;
                this.hmacPkbdAlgorithm = p2.d;
                try {
                    verifyMac(gVar.f33c.d().getEncoded(), p2, cArr);
                } catch (NoSuchProviderException e) {
                    throw new IOException(e.getMessage());
                }
            } else {
                if (i != 1) {
                    throw new IOException("BCFKS KeyStore unable to recognize integrity check.");
                }
                a2.a.a.c2.l p3 = a2.a.a.c2.l.p(iVar.d);
                b bVar2 = p3.f39c;
                try {
                    s sVar = p3.d;
                    if (sVar != null) {
                        int size = sVar.size();
                        a2.a.a.c3.n[] nVarArr2 = new a2.a.a.c3.n[size];
                        for (int i2 = 0; i2 != size; i2++) {
                            nVarArr2[i2] = a2.a.a.c3.n.p(p3.d.D(i2));
                        }
                        nVarArr = nVarArr2;
                    }
                    if (this.validator == null) {
                        eVar = gVar.f33c;
                        publicKey = this.verificationKey;
                    } else {
                        if (nVarArr == null) {
                            throw new IOException("validator specified but no certifcates in store");
                        }
                        CertificateFactory e2 = this.helper.e("X.509");
                        int length = nVarArr.length;
                        X509Certificate[] x509CertificateArr = new X509Certificate[length];
                        for (int i3 = 0; i3 != length; i3++) {
                            x509CertificateArr[i3] = (X509Certificate) e2.generateCertificate(new ByteArrayInputStream(nVarArr[i3].getEncoded()));
                        }
                        if (!this.validator.a(x509CertificateArr)) {
                            throw new IOException("certificate chain in key store signature not valid");
                        }
                        eVar = gVar.f33c;
                        publicKey = x509CertificateArr[0].getPublicKey();
                    }
                    verifySig(eVar, p3, publicKey);
                    bVar = bVar2;
                } catch (GeneralSecurityException e3) {
                    StringBuilder a0 = c.i.a.a.a.a0("error verifying signature: ");
                    a0.append(e3.getMessage());
                    throw new IOException(a0.toString(), e3);
                }
            }
            a2.a.a.e eVar2 = gVar.f33c;
            if (eVar2 instanceof a2.a.a.c2.b) {
                a2.a.a.c2.b bVar3 = (a2.a.a.c2.b) eVar2;
                p = a2.a.a.c2.h.p(decryptData("STORE_ENCRYPTION", bVar3.f27c, cArr, bVar3.d.f159c));
            } else {
                p = a2.a.a.c2.h.p(eVar2);
            }
            try {
                this.creationDate = p.q.D();
                this.lastModifiedDate = p.t.D();
                if (!p.d.equals(bVar)) {
                    throw new IOException("BCFKS KeyStore storeData integrity algorithm does not match store integrity algorithm.");
                }
                Iterator<a2.a.a.e> it = p.x.iterator();
                while (true) {
                    a2.a.g.a aVar = (a2.a.g.a) it;
                    if (!aVar.hasNext()) {
                        return;
                    }
                    e r = e.r(aVar.next());
                    this.entries.put(r.d, r);
                }
            } catch (ParseException unused) {
                throw new IOException("BCFKS KeyStore unable to parse store data information.");
            }
        } catch (Exception e4) {
            throw new IOException(e4.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'parameter' arg cannot be null");
        }
        if (!(loadStoreParameter instanceof a)) {
            if (loadStoreParameter instanceof a2.a.c.c) {
                engineLoad(null, extractPassword(loadStoreParameter));
                return;
            } else {
                StringBuilder a0 = c.i.a.a.a.a0("no support for 'parameter' of type ");
                a0.append(loadStoreParameter.getClass().getName());
                throw new IllegalArgumentException(a0.toString());
            }
        }
        char[] extractPassword = extractPassword((a) loadStoreParameter);
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier((a2.a.b.q0.c) null, 64);
        this.storeEncryptionAlgorithm = a2.a.a.r2.b.Q;
        this.hmacAlgorithm = new b(a2.a.a.r2.b.r, v0.f196c);
        this.verificationKey = null;
        this.validator = null;
        this.signatureAlgorithm = generateSignatureAlgId(null, null);
        engineLoad(null, extractPassword);
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        Date date;
        e eVar = this.entries.get(str);
        Date date2 = new Date();
        if (eVar == null) {
            date = date2;
        } else {
            if (!eVar.f30c.equals(CERTIFICATE)) {
                throw new KeyStoreException(c.i.a.a.a.f("BCFKS KeyStore already has a key entry with alias ", str));
            }
            date = extractCreationDate(eVar, date2);
        }
        try {
            this.entries.put(str, new e(CERTIFICATE, str, date, date2, certificate.getEncoded(), null));
            this.lastModifiedDate = date2;
        } catch (CertificateEncodingException e) {
            StringBuilder a0 = c.i.a.a.a.a0("BCFKS KeyStore unable to handle certificate: ");
            a0.append(e.getMessage());
            throw new ExtKeyStoreException(a0.toString(), e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        a2.a.a.c2.k kVar;
        a2.a.a.c2.d dVar;
        f fVar;
        Date date = new Date();
        e eVar = this.entries.get(str);
        Date extractCreationDate = eVar != null ? extractCreationDate(eVar, date) : date;
        this.privateKeyCache.remove(str);
        if (key instanceof PrivateKey) {
            if (certificateArr == null) {
                throw new KeyStoreException("BCFKS KeyStore requires a certificate chain for private key storage.");
            }
            try {
                byte[] encoded = key.getEncoded();
                h generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(a2.a.a.w2.n.N, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "PRIVATE_KEY_ENCRYPTION", cArr, 32);
                n nVar = this.storeEncryptionAlgorithm;
                n nVar2 = a2.a.a.r2.b.P;
                if (nVar.v(nVar2)) {
                    Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
                    fVar = new f(new b(a2.a.a.w2.n.M, new k(generatePkbdAlgorithmIdentifier, new g(nVar2, a2.a.a.e2.a.p(createCipher.getParameters().getEncoded())))), createCipher.doFinal(encoded));
                } else {
                    fVar = new f(new b(a2.a.a.w2.n.M, new k(generatePkbdAlgorithmIdentifier, new g(a2.a.a.r2.b.Q))), createCipher("AESKWP", generateKey).doFinal(encoded));
                }
                this.entries.put(str, new e(PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(fVar, certificateArr).getEncoded(), null));
            } catch (Exception e) {
                throw new ExtKeyStoreException(c.i.a.a.a.C3(e, c.i.a.a.a.a0("BCFKS KeyStore exception storing private key: ")), e);
            }
        } else {
            if (!(key instanceof SecretKey)) {
                throw new KeyStoreException("BCFKS KeyStore unable to recognize key.");
            }
            if (certificateArr != null) {
                throw new KeyStoreException("BCFKS KeyStore cannot store certificate chain with secret key.");
            }
            try {
                byte[] encoded2 = key.getEncoded();
                h generatePkbdAlgorithmIdentifier2 = generatePkbdAlgorithmIdentifier(a2.a.a.w2.n.N, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey2 = generateKey(generatePkbdAlgorithmIdentifier2, "SECRET_KEY_ENCRYPTION", cArr, 32);
                String g = j.g(key.getAlgorithm());
                if (g.indexOf("AES") > -1) {
                    kVar = new a2.a.a.c2.k(a2.a.a.r2.b.s, encoded2);
                } else {
                    Map<String, n> map = oidMap;
                    n nVar3 = map.get(g);
                    if (nVar3 != null) {
                        kVar = new a2.a.a.c2.k(nVar3, encoded2);
                    } else {
                        n nVar4 = map.get(g + "." + (encoded2.length * 8));
                        if (nVar4 == null) {
                            throw new KeyStoreException("BCFKS KeyStore cannot recognize secret key (" + g + ") for storage.");
                        }
                        kVar = new a2.a.a.c2.k(nVar4, encoded2);
                    }
                }
                n nVar5 = this.storeEncryptionAlgorithm;
                n nVar6 = a2.a.a.r2.b.P;
                if (nVar5.v(nVar6)) {
                    Cipher createCipher2 = createCipher("AES/CCM/NoPadding", generateKey2);
                    dVar = new a2.a.a.c2.d(new b(a2.a.a.w2.n.M, new k(generatePkbdAlgorithmIdentifier2, new g(nVar6, a2.a.a.e2.a.p(createCipher2.getParameters().getEncoded())))), createCipher2.doFinal(kVar.getEncoded()));
                } else {
                    dVar = new a2.a.a.c2.d(new b(a2.a.a.w2.n.M, new k(generatePkbdAlgorithmIdentifier2, new g(a2.a.a.r2.b.Q))), createCipher("AESKWP", generateKey2).doFinal(kVar.getEncoded()));
                }
                this.entries.put(str, new e(SECRET_KEY, str, extractCreationDate, date, dVar.getEncoded(), null));
            } catch (Exception e2) {
                throw new ExtKeyStoreException(c.i.a.a.a.C3(e2, c.i.a.a.a.a0("BCFKS KeyStore exception storing private key: ")), e2);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        Date date = new Date();
        e eVar = this.entries.get(str);
        Date extractCreationDate = eVar != null ? extractCreationDate(eVar, date) : date;
        if (certificateArr != null) {
            try {
                f p = f.p(bArr);
                try {
                    this.privateKeyCache.remove(str);
                    this.entries.put(str, new e(PROTECTED_PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(p, certificateArr).getEncoded(), null));
                } catch (Exception e) {
                    throw new ExtKeyStoreException(c.i.a.a.a.C3(e, c.i.a.a.a.a0("BCFKS KeyStore exception storing protected private key: ")), e);
                }
            } catch (Exception e2) {
                throw new ExtKeyStoreException("BCFKS KeyStore private key encoding must be an EncryptedPrivateKeyInfo.", e2);
            }
        } else {
            try {
                this.entries.put(str, new e(PROTECTED_SECRET_KEY, str, extractCreationDate, date, bArr, null));
            } catch (Exception e3) {
                throw new ExtKeyStoreException(c.i.a.a.a.C3(e3, c.i.a.a.a.a0("BCFKS KeyStore exception storing protected private key: ")), e3);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.entries.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        h hVar;
        BigInteger t;
        if (this.creationDate == null) {
            throw new IOException("KeyStore not initialized");
        }
        a2.a.a.c2.b encryptedObjectStoreData = getEncryptedObjectStoreData(this.hmacAlgorithm, cArr);
        if (a2.a.a.q2.c.f167y.v(this.hmacPkbdAlgorithm.f208c.f42c)) {
            a2.a.a.q2.f p = a2.a.a.q2.f.p(this.hmacPkbdAlgorithm.f208c.d);
            hVar = this.hmacPkbdAlgorithm;
            t = p.x;
        } else {
            l p2 = l.p(this.hmacPkbdAlgorithm.f208c.d);
            hVar = this.hmacPkbdAlgorithm;
            t = p2.t();
        }
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(hVar, t.intValue());
        try {
            outputStream.write(new a2.a.a.c2.g(encryptedObjectStoreData, new i(new a2.a.a.c2.j(this.hmacAlgorithm, this.hmacPkbdAlgorithm, calculateMac(encryptedObjectStoreData.getEncoded(), this.hmacAlgorithm, this.hmacPkbdAlgorithm, cArr)))).getEncoded());
            outputStream.flush();
        } catch (NoSuchProviderException e) {
            StringBuilder a0 = c.i.a.a.a.a0("cannot calculate mac: ");
            a0.append(e.getMessage());
            throw new IOException(a0.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'parameter' arg cannot be null");
        }
        if (loadStoreParameter instanceof a2.a.c.b) {
            char[] extractPassword = extractPassword(loadStoreParameter);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier((a2.a.b.q0.c) null, 64);
            engineStore(null, extractPassword);
            return;
        }
        if (!(loadStoreParameter instanceof a)) {
            if (loadStoreParameter instanceof a2.a.c.c) {
                ((a2.a.c.c) loadStoreParameter).a();
                throw null;
            }
            StringBuilder a0 = c.i.a.a.a.a0("no support for 'parameter' of type ");
            a0.append(loadStoreParameter.getClass().getName());
            throw new IllegalArgumentException(a0.toString());
        }
        a aVar = (a) loadStoreParameter;
        extractPassword(aVar);
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier((a2.a.b.q0.c) null, 64);
        this.storeEncryptionAlgorithm = a2.a.a.r2.b.Q;
        this.hmacAlgorithm = new b(a2.a.a.r2.b.r, v0.f196c);
        aVar.a();
        throw null;
    }
}
