package org.spongycastle.jcajce.provider.keystore.pkcs12;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.Set;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.spongycastle.asn1.ASN1Encodable;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1Encoding;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1OctetString;
import org.spongycastle.asn1.BEROctetString;
import org.spongycastle.asn1.BEROutputStream;
import org.spongycastle.asn1.DERBMPString;
import org.spongycastle.asn1.DERNull;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DEROutputStream;
import org.spongycastle.asn1.DERSequence;
import org.spongycastle.asn1.DERSet;
import org.spongycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.spongycastle.asn1.cryptopro.GOST28147Parameters;
import org.spongycastle.asn1.nist.NISTObjectIdentifiers;
import org.spongycastle.asn1.ntt.NTTObjectIdentifiers;
import org.spongycastle.asn1.oiw.OIWObjectIdentifiers;
import org.spongycastle.asn1.pkcs.AuthenticatedSafe;
import org.spongycastle.asn1.pkcs.CertBag;
import org.spongycastle.asn1.pkcs.ContentInfo;
import org.spongycastle.asn1.pkcs.EncryptedData;
import org.spongycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.spongycastle.asn1.pkcs.MacData;
import org.spongycastle.asn1.pkcs.PBES2Parameters;
import org.spongycastle.asn1.pkcs.PBKDF2Params;
import org.spongycastle.asn1.pkcs.PKCS12PBEParams;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.pkcs.Pfx;
import org.spongycastle.asn1.pkcs.SafeBag;
import org.spongycastle.asn1.x509.AlgorithmIdentifier;
import org.spongycastle.asn1.x509.DigestInfo;
import org.spongycastle.asn1.x509.SubjectKeyIdentifier;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.asn1.x509.X509ObjectIdentifiers;
import org.spongycastle.crypto.Digest;
import org.spongycastle.crypto.util.DigestFactory;
import org.spongycastle.jcajce.PKCS12Key;
import org.spongycastle.jcajce.PKCS12StoreParameter;
import org.spongycastle.jcajce.spec.GOST28147ParameterSpec;
import org.spongycastle.jcajce.spec.PBKDF2KeySpec;
import org.spongycastle.jcajce.util.BCJcaJceHelper;
import org.spongycastle.jcajce.util.JcaJceHelper;
import org.spongycastle.jce.interfaces.BCKeyStore;
import org.spongycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.jce.provider.JDKPKCS12StoreParameter;
import org.spongycastle.util.Arrays;
import org.spongycastle.util.Integers;
import org.spongycastle.util.Properties;
import org.spongycastle.util.Strings;

/* loaded from: classes3.dex */
public class PKCS12KeyStoreSpi extends KeyStoreSpi implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore {
    static final String bP = "org.spongycastle.pkcs12.max_it_count";
    static final int bQ = 0;
    static final int bR = 1;
    static final int bS = 2;
    static final int bT = 3;
    static final int bU = 4;
    static final int bV = 0;
    static final int bW = 1;
    static final int bX = 2;
    private static final int ca = 20;
    private static final int cb = 1024;
    private static final DefaultSecretKeyProvider cc = new DefaultSecretKeyProvider();
    private IgnoresCaseHashtable cd;
    private IgnoresCaseHashtable cf;
    private CertificateFactory ci;
    private ASN1ObjectIdentifier cj;
    private ASN1ObjectIdentifier ck;
    private final JcaJceHelper bZ = new BCJcaJceHelper();
    private Hashtable ce = new Hashtable();
    private Hashtable cg = new Hashtable();
    private Hashtable ch = new Hashtable();
    protected SecureRandom bY = new SecureRandom();
    private AlgorithmIdentifier cl = new AlgorithmIdentifier(OIWObjectIdentifiers.i, DERNull.a);
    private int cm = 1024;

    /* renamed from: cn, reason: collision with root package name */
    private int f2403cn = 20;

    /* loaded from: classes3.dex */
    public static class BCPKCS12KeyStore extends PKCS12KeyStoreSpi {
        public BCPKCS12KeyStore() {
            super(new BouncyCastleProvider(), bG, bJ);
        }
    }

    /* loaded from: classes3.dex */
    public static class BCPKCS12KeyStore3DES extends PKCS12KeyStoreSpi {
        public BCPKCS12KeyStore3DES() {
            super(new BouncyCastleProvider(), bG, bG);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public class CertId {
        byte[] a;

        CertId(PublicKey publicKey) {
            this.a = PKCS12KeyStoreSpi.this.a(publicKey).a();
        }

        CertId(byte[] bArr) {
            this.a = bArr;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (obj instanceof CertId) {
                return Arrays.a(this.a, ((CertId) obj).a);
            }
            return false;
        }

        public int hashCode() {
            return Arrays.a(this.a);
        }
    }

    /* loaded from: classes3.dex */
    public static class DefPKCS12KeyStore extends PKCS12KeyStoreSpi {
        public DefPKCS12KeyStore() {
            super(null, bG, bJ);
        }
    }

    /* loaded from: classes3.dex */
    public static class DefPKCS12KeyStore3DES extends PKCS12KeyStoreSpi {
        public DefPKCS12KeyStore3DES() {
            super(null, bG, bG);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class DefaultSecretKeyProvider {
        private final Map a;

        DefaultSecretKeyProvider() {
            HashMap hashMap = new HashMap();
            hashMap.put(new ASN1ObjectIdentifier("1.2.840.113533.7.66.10"), Integers.a(128));
            hashMap.put(PKCSObjectIdentifiers.D, Integers.a(192));
            hashMap.put(NISTObjectIdentifiers.f2353u, Integers.a(128));
            hashMap.put(NISTObjectIdentifiers.C, Integers.a(192));
            hashMap.put(NISTObjectIdentifiers.K, Integers.a(256));
            hashMap.put(NTTObjectIdentifiers.a, Integers.a(128));
            hashMap.put(NTTObjectIdentifiers.b, Integers.a(192));
            hashMap.put(NTTObjectIdentifiers.c, Integers.a(256));
            hashMap.put(CryptoProObjectIdentifiers.f, Integers.a(256));
            this.a = Collections.unmodifiableMap(hashMap);
        }

        public int a(AlgorithmIdentifier algorithmIdentifier) {
            Integer num = (Integer) this.a.get(algorithmIdentifier.a());
            if (num != null) {
                return num.intValue();
            }
            return -1;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class IgnoresCaseHashtable {
        private Hashtable a;
        private Hashtable b;

        private IgnoresCaseHashtable() {
            this.a = new Hashtable();
            this.b = new Hashtable();
        }

        public Object a(String str) {
            String str2 = (String) this.b.remove(str == null ? null : Strings.c(str));
            if (str2 == null) {
                return null;
            }
            return this.a.remove(str2);
        }

        public Enumeration a() {
            return this.a.keys();
        }

        public void a(String str, Object obj) {
            String c = str == null ? null : Strings.c(str);
            String str2 = (String) this.b.get(c);
            if (str2 != null) {
                this.a.remove(str2);
            }
            this.b.put(c, str);
            this.a.put(str, obj);
        }

        public Object b(String str) {
            String str2 = (String) this.b.get(str == null ? null : Strings.c(str));
            if (str2 == null) {
                return null;
            }
            return this.a.get(str2);
        }

        public Enumeration b() {
            return this.a.elements();
        }
    }

    public PKCS12KeyStoreSpi(Provider provider, ASN1ObjectIdentifier aSN1ObjectIdentifier, ASN1ObjectIdentifier aSN1ObjectIdentifier2) {
        this.cd = new IgnoresCaseHashtable();
        this.cf = new IgnoresCaseHashtable();
        this.cj = aSN1ObjectIdentifier;
        this.ck = aSN1ObjectIdentifier2;
        try {
            if (provider != null) {
                this.ci = CertificateFactory.getInstance("X.509", provider);
            } else {
                this.ci = CertificateFactory.getInstance("X.509");
            }
        } catch (Exception e) {
            throw new IllegalArgumentException("can't create cert factory - " + e.toString());
        }
    }

    private int a(BigInteger bigInteger) {
        int intValue = bigInteger.intValue();
        if (intValue < 0) {
            throw new IllegalStateException("negative iteration count found");
        }
        BigInteger c = Properties.c(bP);
        if (c == null || c.intValue() >= intValue) {
            return intValue;
        }
        throw new IllegalStateException("iteration count " + intValue + " greater than " + c.intValue());
    }

    private Set a() {
        HashSet hashSet = new HashSet();
        Enumeration a = this.cd.a();
        while (a.hasMoreElements()) {
            Certificate[] engineGetCertificateChain = engineGetCertificateChain((String) a.nextElement());
            for (int i = 0; i != engineGetCertificateChain.length; i++) {
                hashSet.add(engineGetCertificateChain[i]);
            }
        }
        Enumeration a2 = this.cf.a();
        while (a2.hasMoreElements()) {
            hashSet.add(engineGetCertificate((String) a2.nextElement()));
        }
        return hashSet;
    }

    private Cipher a(int i, char[] cArr, AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException {
        PBES2Parameters a = PBES2Parameters.a(algorithmIdentifier.b());
        PBKDF2Params a2 = PBKDF2Params.a(a.a().b());
        AlgorithmIdentifier a3 = AlgorithmIdentifier.a(a.b());
        SecretKeyFactory h = this.bZ.h(a.a().a().b());
        SecretKey generateSecret = a2.d() ? h.generateSecret(new PBEKeySpec(cArr, a2.a(), a(a2.b()), cc.a(a3))) : h.generateSecret(new PBKDF2KeySpec(cArr, a2.a(), a(a2.b()), cc.a(a3), a2.e()));
        Cipher cipher = Cipher.getInstance(a.b().a().b());
        ASN1Encodable b = a.b().b();
        if (b instanceof ASN1OctetString) {
            cipher.init(i, generateSecret, new IvParameterSpec(ASN1OctetString.a(b).d()));
        } else {
            GOST28147Parameters a4 = GOST28147Parameters.a(b);
            cipher.init(i, generateSecret, new GOST28147ParameterSpec(a4.a(), a4.b()));
        }
        return cipher;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SubjectKeyIdentifier a(PublicKey publicKey) {
        try {
            return new SubjectKeyIdentifier(a(SubjectPublicKeyInfo.a(publicKey.getEncoded())));
        } catch (Exception unused) {
            throw new RuntimeException("error creating key");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void a(OutputStream outputStream, char[] cArr, boolean z) throws IOException {
        Enumeration enumeration;
        boolean z2;
        Enumeration enumeration2;
        boolean z3;
        boolean z4;
        if (cArr == null) {
            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        Enumeration a = this.cd.a();
        while (a.hasMoreElements()) {
            byte[] bArr = new byte[20];
            this.bY.nextBytes(bArr);
            String str = (String) a.nextElement();
            PrivateKey privateKey = (PrivateKey) this.cd.b(str);
            PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams(bArr, 1024);
            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(this.cj, pKCS12PBEParams.k()), a(this.cj.b(), privateKey, pKCS12PBEParams, cArr));
            ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
            if (privateKey instanceof PKCS12BagAttributeCarrier) {
                PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier = (PKCS12BagAttributeCarrier) privateKey;
                DERBMPString dERBMPString = (DERBMPString) pKCS12BagAttributeCarrier.a(ak);
                if (dERBMPString == null || !dERBMPString.b().equals(str)) {
                    pKCS12BagAttributeCarrier.a(ak, new DERBMPString(str));
                }
                if (pKCS12BagAttributeCarrier.a(al) == null) {
                    pKCS12BagAttributeCarrier.a(al, a(engineGetCertificate(str).getPublicKey()));
                }
                Enumeration a2 = pKCS12BagAttributeCarrier.a();
                z4 = false;
                while (a2.hasMoreElements()) {
                    ASN1ObjectIdentifier aSN1ObjectIdentifier = (ASN1ObjectIdentifier) a2.nextElement();
                    ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
                    aSN1EncodableVector3.a(aSN1ObjectIdentifier);
                    aSN1EncodableVector3.a(new DERSet(pKCS12BagAttributeCarrier.a(aSN1ObjectIdentifier)));
                    aSN1EncodableVector2.a(new DERSequence(aSN1EncodableVector3));
                    z4 = true;
                }
            } else {
                z4 = false;
            }
            if (!z4) {
                ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
                Certificate engineGetCertificate = engineGetCertificate(str);
                aSN1EncodableVector4.a(al);
                aSN1EncodableVector4.a(new DERSet(a(engineGetCertificate.getPublicKey())));
                aSN1EncodableVector2.a(new DERSequence(aSN1EncodableVector4));
                ASN1EncodableVector aSN1EncodableVector5 = new ASN1EncodableVector();
                aSN1EncodableVector5.a(ak);
                aSN1EncodableVector5.a(new DERSet(new DERBMPString(str)));
                aSN1EncodableVector2.a(new DERSequence(aSN1EncodableVector5));
            }
            aSN1EncodableVector.a(new SafeBag(by, encryptedPrivateKeyInfo.k(), new DERSet(aSN1EncodableVector2)));
        }
        BEROctetString bEROctetString = new BEROctetString(new DERSequence(aSN1EncodableVector).a(ASN1Encoding.a));
        byte[] bArr2 = new byte[20];
        this.bY.nextBytes(bArr2);
        ASN1EncodableVector aSN1EncodableVector6 = new ASN1EncodableVector();
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(this.ck, new PKCS12PBEParams(bArr2, 1024).k());
        Hashtable hashtable = new Hashtable();
        Enumeration a3 = this.cd.a();
        while (a3.hasMoreElements()) {
            try {
                String str2 = (String) a3.nextElement();
                Certificate engineGetCertificate2 = engineGetCertificate(str2);
                CertBag certBag = new CertBag(ao, new DEROctetString(engineGetCertificate2.getEncoded()));
                ASN1EncodableVector aSN1EncodableVector7 = new ASN1EncodableVector();
                if (engineGetCertificate2 instanceof PKCS12BagAttributeCarrier) {
                    PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier2 = (PKCS12BagAttributeCarrier) engineGetCertificate2;
                    DERBMPString dERBMPString2 = (DERBMPString) pKCS12BagAttributeCarrier2.a(ak);
                    if (dERBMPString2 == null || !dERBMPString2.b().equals(str2)) {
                        pKCS12BagAttributeCarrier2.a(ak, new DERBMPString(str2));
                    }
                    if (pKCS12BagAttributeCarrier2.a(al) == null) {
                        pKCS12BagAttributeCarrier2.a(al, a(engineGetCertificate2.getPublicKey()));
                    }
                    Enumeration a4 = pKCS12BagAttributeCarrier2.a();
                    z3 = false;
                    while (a4.hasMoreElements()) {
                        ASN1ObjectIdentifier aSN1ObjectIdentifier2 = (ASN1ObjectIdentifier) a4.nextElement();
                        Enumeration enumeration3 = a3;
                        ASN1EncodableVector aSN1EncodableVector8 = new ASN1EncodableVector();
                        aSN1EncodableVector8.a(aSN1ObjectIdentifier2);
                        aSN1EncodableVector8.a(new DERSet(pKCS12BagAttributeCarrier2.a(aSN1ObjectIdentifier2)));
                        aSN1EncodableVector7.a(new DERSequence(aSN1EncodableVector8));
                        a3 = enumeration3;
                        z3 = true;
                    }
                    enumeration2 = a3;
                } else {
                    enumeration2 = a3;
                    z3 = false;
                }
                if (!z3) {
                    ASN1EncodableVector aSN1EncodableVector9 = new ASN1EncodableVector();
                    aSN1EncodableVector9.a(al);
                    aSN1EncodableVector9.a(new DERSet(a(engineGetCertificate2.getPublicKey())));
                    aSN1EncodableVector7.a(new DERSequence(aSN1EncodableVector9));
                    ASN1EncodableVector aSN1EncodableVector10 = new ASN1EncodableVector();
                    aSN1EncodableVector10.a(ak);
                    aSN1EncodableVector10.a(new DERSet(new DERBMPString(str2)));
                    aSN1EncodableVector7.a(new DERSequence(aSN1EncodableVector10));
                }
                aSN1EncodableVector6.a(new SafeBag(bz, certBag.k(), new DERSet(aSN1EncodableVector7)));
                hashtable.put(engineGetCertificate2, engineGetCertificate2);
                a3 = enumeration2;
            } catch (CertificateEncodingException e) {
                throw new IOException("Error encoding certificate: " + e.toString());
            }
        }
        Enumeration a5 = this.cf.a();
        while (a5.hasMoreElements()) {
            try {
                String str3 = (String) a5.nextElement();
                Certificate certificate = (Certificate) this.cf.b(str3);
                if (this.cd.b(str3) == null) {
                    CertBag certBag2 = new CertBag(ao, new DEROctetString(certificate.getEncoded()));
                    ASN1EncodableVector aSN1EncodableVector11 = new ASN1EncodableVector();
                    if (certificate instanceof PKCS12BagAttributeCarrier) {
                        PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier3 = (PKCS12BagAttributeCarrier) certificate;
                        DERBMPString dERBMPString3 = (DERBMPString) pKCS12BagAttributeCarrier3.a(ak);
                        if (dERBMPString3 == null || !dERBMPString3.b().equals(str3)) {
                            pKCS12BagAttributeCarrier3.a(ak, new DERBMPString(str3));
                        }
                        Enumeration a6 = pKCS12BagAttributeCarrier3.a();
                        z2 = false;
                        while (a6.hasMoreElements()) {
                            ASN1ObjectIdentifier aSN1ObjectIdentifier3 = (ASN1ObjectIdentifier) a6.nextElement();
                            Enumeration enumeration4 = a5;
                            if (aSN1ObjectIdentifier3.equals(PKCSObjectIdentifiers.al)) {
                                a5 = enumeration4;
                            } else {
                                ASN1EncodableVector aSN1EncodableVector12 = new ASN1EncodableVector();
                                aSN1EncodableVector12.a(aSN1ObjectIdentifier3);
                                aSN1EncodableVector12.a(new DERSet(pKCS12BagAttributeCarrier3.a(aSN1ObjectIdentifier3)));
                                aSN1EncodableVector11.a(new DERSequence(aSN1EncodableVector12));
                                a5 = enumeration4;
                                z2 = true;
                            }
                        }
                        enumeration = a5;
                    } else {
                        enumeration = a5;
                        z2 = false;
                    }
                    if (!z2) {
                        ASN1EncodableVector aSN1EncodableVector13 = new ASN1EncodableVector();
                        aSN1EncodableVector13.a(ak);
                        aSN1EncodableVector13.a(new DERSet(new DERBMPString(str3)));
                        aSN1EncodableVector11.a(new DERSequence(aSN1EncodableVector13));
                    }
                    aSN1EncodableVector6.a(new SafeBag(bz, certBag2.k(), new DERSet(aSN1EncodableVector11)));
                    hashtable.put(certificate, certificate);
                    a5 = enumeration;
                }
            } catch (CertificateEncodingException e2) {
                throw new IOException("Error encoding certificate: " + e2.toString());
            }
        }
        Set a7 = a();
        Enumeration keys = this.cg.keys();
        while (keys.hasMoreElements()) {
            try {
                Certificate certificate2 = (Certificate) this.cg.get((CertId) keys.nextElement());
                if (a7.contains(certificate2) && hashtable.get(certificate2) == null) {
                    CertBag certBag3 = new CertBag(ao, new DEROctetString(certificate2.getEncoded()));
                    ASN1EncodableVector aSN1EncodableVector14 = new ASN1EncodableVector();
                    if (certificate2 instanceof PKCS12BagAttributeCarrier) {
                        PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier4 = (PKCS12BagAttributeCarrier) certificate2;
                        Enumeration a8 = pKCS12BagAttributeCarrier4.a();
                        while (a8.hasMoreElements()) {
                            ASN1ObjectIdentifier aSN1ObjectIdentifier4 = (ASN1ObjectIdentifier) a8.nextElement();
                            if (!aSN1ObjectIdentifier4.equals(PKCSObjectIdentifiers.al)) {
                                ASN1EncodableVector aSN1EncodableVector15 = new ASN1EncodableVector();
                                aSN1EncodableVector15.a(aSN1ObjectIdentifier4);
                                aSN1EncodableVector15.a(new DERSet(pKCS12BagAttributeCarrier4.a(aSN1ObjectIdentifier4)));
                                aSN1EncodableVector14.a(new DERSequence(aSN1EncodableVector15));
                            }
                        }
                    }
                    aSN1EncodableVector6.a(new SafeBag(bz, certBag3.k(), new DERSet(aSN1EncodableVector14)));
                }
            } catch (CertificateEncodingException e3) {
                throw new IOException("Error encoding certificate: " + e3.toString());
            }
        }
        AuthenticatedSafe authenticatedSafe = new AuthenticatedSafe(new ContentInfo[]{new ContentInfo(Q, bEROctetString), new ContentInfo(V, new EncryptedData(Q, algorithmIdentifier, new BEROctetString(a(true, algorithmIdentifier, cArr, false, new DERSequence(aSN1EncodableVector6).a(ASN1Encoding.a)))).k())});
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        (z ? new DEROutputStream(byteArrayOutputStream) : new BEROutputStream(byteArrayOutputStream)).a(authenticatedSafe);
        ContentInfo contentInfo = new ContentInfo(Q, new BEROctetString(byteArrayOutputStream.toByteArray()));
        byte[] bArr3 = new byte[this.f2403cn];
        this.bY.nextBytes(bArr3);
        try {
            (z ? new DEROutputStream(outputStream) : new BEROutputStream(outputStream)).a(new Pfx(contentInfo, new MacData(new DigestInfo(this.cl, a(this.cl.a(), bArr3, this.cm, cArr, false, ((ASN1OctetString) contentInfo.b()).d())), bArr3, this.cm)));
        } catch (Exception e4) {
            throw new IOException("error constructing MAC: " + e4.toString());
        }
    }

    private byte[] a(ASN1ObjectIdentifier aSN1ObjectIdentifier, byte[] bArr, int i, char[] cArr, boolean z, byte[] bArr2) throws Exception {
        PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i);
        Mac b = this.bZ.b(aSN1ObjectIdentifier.b());
        b.init(new PKCS12Key(cArr, z), pBEParameterSpec);
        b.update(bArr2);
        return b.doFinal();
    }

    private static byte[] a(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        Digest b = DigestFactory.b();
        byte[] bArr = new byte[b.b()];
        byte[] f = subjectPublicKeyInfo.e().f();
        b.a(f, 0, f.length);
        b.a(bArr, 0);
        return bArr;
    }

    protected PrivateKey a(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, char[] cArr, boolean z) throws IOException {
        ASN1ObjectIdentifier a = algorithmIdentifier.a();
        try {
            if (a.a(PKCSObjectIdentifiers.bD)) {
                PKCS12PBEParams a2 = PKCS12PBEParams.a(algorithmIdentifier.b());
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(a2.b(), a(a2.a()));
                Cipher a3 = this.bZ.a(a.b());
                a3.init(4, new PKCS12Key(cArr, z), pBEParameterSpec);
                return (PrivateKey) a3.unwrap(bArr, "", 2);
            }
            if (a.equals(PKCSObjectIdentifiers.A)) {
                return (PrivateKey) a(4, cArr, algorithmIdentifier).unwrap(bArr, "", 2);
            }
            throw new IOException("exception unwrapping private key - cannot recognise: " + a);
        } catch (Exception e) {
            throw new IOException("exception unwrapping private key - " + e.toString());
        }
    }

    @Override // org.spongycastle.jce.interfaces.BCKeyStore
    public void a(SecureRandom secureRandom) {
        this.bY = secureRandom;
    }

    protected byte[] a(String str, Key key, PKCS12PBEParams pKCS12PBEParams, char[] cArr) throws IOException {
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory h = this.bZ.h(str);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pKCS12PBEParams.b(), pKCS12PBEParams.a().intValue());
            Cipher a = this.bZ.a(str);
            a.init(3, h.generateSecret(pBEKeySpec), pBEParameterSpec);
            return a.wrap(key);
        } catch (Exception e) {
            throw new IOException("exception encrypting data - " + e.toString());
        }
    }

    protected byte[] a(boolean z, AlgorithmIdentifier algorithmIdentifier, char[] cArr, boolean z2, byte[] bArr) throws IOException {
        ASN1ObjectIdentifier a = algorithmIdentifier.a();
        int i = z ? 1 : 2;
        if (a.a(PKCSObjectIdentifiers.bD)) {
            PKCS12PBEParams a2 = PKCS12PBEParams.a(algorithmIdentifier.b());
            try {
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(a2.b(), a2.a().intValue());
                PKCS12Key pKCS12Key = new PKCS12Key(cArr, z2);
                Cipher a3 = this.bZ.a(a.b());
                a3.init(i, pKCS12Key, pBEParameterSpec);
                return a3.doFinal(bArr);
            } catch (Exception e) {
                throw new IOException("exception decrypting data - " + e.toString());
            }
        }
        if (!a.equals(PKCSObjectIdentifiers.A)) {
            throw new IOException("unknown PBE algorithm: " + a);
        }
        try {
            return a(i, cArr, algorithmIdentifier).doFinal(bArr);
        } catch (Exception e2) {
            throw new IOException("exception decrypting data - " + e2.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        Hashtable hashtable = new Hashtable();
        Enumeration a = this.cf.a();
        while (a.hasMoreElements()) {
            hashtable.put(a.nextElement(), "cert");
        }
        Enumeration a2 = this.cd.a();
        while (a2.hasMoreElements()) {
            String str = (String) a2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return (this.cf.b(str) == null && this.cd.b(str) == null) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        Key key = (Key) this.cd.a(str);
        Certificate certificate = (Certificate) this.cf.a(str);
        if (certificate != null) {
            this.cg.remove(new CertId(certificate.getPublicKey()));
        }
        if (key != null) {
            String str2 = (String) this.ce.remove(str);
            if (str2 != null) {
                certificate = (Certificate) this.ch.remove(str2);
            }
            if (certificate != null) {
                this.cg.remove(new CertId(certificate.getPublicKey()));
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getCertificate.");
        }
        Certificate certificate = (Certificate) this.cf.b(str);
        if (certificate != null) {
            return certificate;
        }
        String str2 = (String) this.ce.get(str);
        return str2 != null ? (Certificate) this.ch.get(str2) : (Certificate) this.ch.get(str);
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration b = this.cf.b();
        Enumeration a = this.cf.a();
        while (b.hasMoreElements()) {
            Certificate certificate2 = (Certificate) b.nextElement();
            String str = (String) a.nextElement();
            if (certificate2.equals(certificate)) {
                return str;
            }
        }
        Enumeration elements = this.ch.elements();
        Enumeration keys = this.ch.keys();
        while (elements.hasMoreElements()) {
            Certificate certificate3 = (Certificate) elements.nextElement();
            String str2 = (String) keys.nextElement();
            if (certificate3.equals(certificate)) {
                return str2;
            }
        }
        return null;
    }

    /* JADX WARN: Removed duplicated region for block: B:14:0x0068  */
    /* JADX WARN: Removed duplicated region for block: B:32:0x00a9  */
    /* JADX WARN: Removed duplicated region for block: B:41:0x00a6 A[SYNTHETIC] */
    @Override // java.security.KeyStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.security.cert.Certificate[] engineGetCertificateChain(java.lang.String r9) {
        /*
            r8 = this;
            if (r9 == 0) goto Lc8
            boolean r0 = r8.engineIsKeyEntry(r9)
            r1 = 0
            if (r0 != 0) goto La
            return r1
        La:
            java.security.cert.Certificate r9 = r8.engineGetCertificate(r9)
            if (r9 == 0) goto Lc7
            java.util.Vector r0 = new java.util.Vector
            r0.<init>()
        L15:
            if (r9 == 0) goto Lb1
            r2 = r9
            java.security.cert.X509Certificate r2 = (java.security.cert.X509Certificate) r2
            org.spongycastle.asn1.ASN1ObjectIdentifier r3 = org.spongycastle.asn1.x509.Extension.s
            java.lang.String r3 = r3.b()
            byte[] r3 = r2.getExtensionValue(r3)
            if (r3 == 0) goto L65
            org.spongycastle.asn1.ASN1InputStream r4 = new org.spongycastle.asn1.ASN1InputStream     // Catch: java.io.IOException -> L5a
            r4.<init>(r3)     // Catch: java.io.IOException -> L5a
            org.spongycastle.asn1.ASN1Primitive r3 = r4.d()     // Catch: java.io.IOException -> L5a
            org.spongycastle.asn1.ASN1OctetString r3 = (org.spongycastle.asn1.ASN1OctetString) r3     // Catch: java.io.IOException -> L5a
            byte[] r3 = r3.d()     // Catch: java.io.IOException -> L5a
            org.spongycastle.asn1.ASN1InputStream r4 = new org.spongycastle.asn1.ASN1InputStream     // Catch: java.io.IOException -> L5a
            r4.<init>(r3)     // Catch: java.io.IOException -> L5a
            org.spongycastle.asn1.ASN1Primitive r3 = r4.d()     // Catch: java.io.IOException -> L5a
            org.spongycastle.asn1.x509.AuthorityKeyIdentifier r3 = org.spongycastle.asn1.x509.AuthorityKeyIdentifier.a(r3)     // Catch: java.io.IOException -> L5a
            byte[] r4 = r3.a()     // Catch: java.io.IOException -> L5a
            if (r4 == 0) goto L65
            java.util.Hashtable r4 = r8.cg     // Catch: java.io.IOException -> L5a
            org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi$CertId r5 = new org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi$CertId     // Catch: java.io.IOException -> L5a
            byte[] r3 = r3.a()     // Catch: java.io.IOException -> L5a
            r5.<init>(r3)     // Catch: java.io.IOException -> L5a
            java.lang.Object r3 = r4.get(r5)     // Catch: java.io.IOException -> L5a
            java.security.cert.Certificate r3 = (java.security.cert.Certificate) r3     // Catch: java.io.IOException -> L5a
            goto L66
        L5a:
            r9 = move-exception
            java.lang.RuntimeException r0 = new java.lang.RuntimeException
            java.lang.String r9 = r9.toString()
            r0.<init>(r9)
            throw r0
        L65:
            r3 = r1
        L66:
            if (r3 != 0) goto La0
            java.security.Principal r4 = r2.getIssuerDN()
            java.security.Principal r5 = r2.getSubjectDN()
            boolean r5 = r4.equals(r5)
            if (r5 != 0) goto La0
            java.util.Hashtable r5 = r8.cg
            java.util.Enumeration r5 = r5.keys()
        L7c:
            boolean r6 = r5.hasMoreElements()
            if (r6 == 0) goto La0
            java.util.Hashtable r6 = r8.cg
            java.lang.Object r7 = r5.nextElement()
            java.lang.Object r6 = r6.get(r7)
            java.security.cert.X509Certificate r6 = (java.security.cert.X509Certificate) r6
            java.security.Principal r7 = r6.getSubjectDN()
            boolean r7 = r7.equals(r4)
            if (r7 == 0) goto L7c
            java.security.PublicKey r7 = r6.getPublicKey()     // Catch: java.lang.Exception -> L7c
            r2.verify(r7)     // Catch: java.lang.Exception -> L7c
            r3 = r6
        La0:
            boolean r2 = r0.contains(r9)
            if (r2 == 0) goto La9
        La6:
            r9 = r1
            goto L15
        La9:
            r0.addElement(r9)
            if (r3 == r9) goto La6
            r9 = r3
            goto L15
        Lb1:
            int r9 = r0.size()
            java.security.cert.Certificate[] r9 = new java.security.cert.Certificate[r9]
            r1 = 0
        Lb8:
            int r2 = r9.length
            if (r1 == r2) goto Lc6
            java.lang.Object r2 = r0.elementAt(r1)
            java.security.cert.Certificate r2 = (java.security.cert.Certificate) r2
            r9[r1] = r2
            int r1 = r1 + 1
            goto Lb8
        Lc6:
            return r9
        Lc7:
            return r1
        Lc8:
            java.lang.IllegalArgumentException r9 = new java.lang.IllegalArgumentException
            java.lang.String r0 = "null alias passed to getCertificateChain."
            r9.<init>(r0)
            throw r9
        */
        throw new UnsupportedOperationException("Method not decompiled: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineGetCertificateChain(java.lang.String):java.security.cert.Certificate[]");
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        if (str == null) {
            throw new NullPointerException("alias == null");
        }
        if (this.cd.b(str) == null && this.cf.b(str) == null) {
            return null;
        }
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (str != null) {
            return (Key) this.cd.b(str);
        }
        throw new IllegalArgumentException("null alias passed to getKey.");
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.cf.b(str) != null && this.cd.b(str) == null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.cd.b(str) != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:169:0x0497  */
    /* JADX WARN: Removed duplicated region for block: B:21:0x00ee  */
    /* JADX WARN: Removed duplicated region for block: B:231:0x0479  */
    /* JADX WARN: Type inference failed for: r2v8, types: [org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi$IgnoresCaseHashtable] */
    /* JADX WARN: Type inference failed for: r3v6, types: [java.security.cert.Certificate, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r6v20 */
    /* JADX WARN: Type inference failed for: r6v22, types: [org.spongycastle.asn1.ASN1OctetString] */
    /* JADX WARN: Type inference failed for: r6v23 */
    /* JADX WARN: Type inference failed for: r6v24 */
    /* JADX WARN: Type inference failed for: r6v25 */
    @Override // java.security.KeyStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void engineLoad(java.io.InputStream r20, char[] r21) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 1501
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.spongycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(java.io.InputStream, char[]):void");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (this.cd.b(str) == null) {
            this.cf.a(str, certificate);
            this.cg.put(new CertId(certificate.getPublicKey()), certificate);
        } else {
            throw new KeyStoreException("There is a key entry with the name " + str + ".");
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        boolean z = key instanceof PrivateKey;
        if (!z) {
            throw new KeyStoreException("PKCS12 does not support non-PrivateKeys");
        }
        if (z && certificateArr == null) {
            throw new KeyStoreException("no certificate chain for private key");
        }
        if (this.cd.b(str) != null) {
            engineDeleteEntry(str);
        }
        this.cd.a(str, key);
        if (certificateArr != null) {
            this.cf.a(str, certificateArr[0]);
            for (int i = 0; i != certificateArr.length; i++) {
                this.cg.put(new CertId(certificateArr[i].getPublicKey()), certificateArr[i]);
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new RuntimeException("operation not supported");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        Hashtable hashtable = new Hashtable();
        Enumeration a = this.cf.a();
        while (a.hasMoreElements()) {
            hashtable.put(a.nextElement(), "cert");
        }
        Enumeration a2 = this.cd.a();
        while (a2.hasMoreElements()) {
            String str = (String) a2.nextElement();
            if (hashtable.get(str) == null) {
                hashtable.put(str, "key");
            }
        }
        return hashtable.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException {
        a(outputStream, cArr, false);
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException, NoSuchAlgorithmException, CertificateException {
        PKCS12StoreParameter pKCS12StoreParameter;
        char[] password;
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'param' arg cannot be null");
        }
        boolean z = loadStoreParameter instanceof PKCS12StoreParameter;
        if (!z && !(loadStoreParameter instanceof JDKPKCS12StoreParameter)) {
            throw new IllegalArgumentException("No support for 'param' of type " + loadStoreParameter.getClass().getName());
        }
        if (z) {
            pKCS12StoreParameter = (PKCS12StoreParameter) loadStoreParameter;
        } else {
            JDKPKCS12StoreParameter jDKPKCS12StoreParameter = (JDKPKCS12StoreParameter) loadStoreParameter;
            pKCS12StoreParameter = new PKCS12StoreParameter(jDKPKCS12StoreParameter.a(), loadStoreParameter.getProtectionParameter(), jDKPKCS12StoreParameter.b());
        }
        KeyStore.ProtectionParameter protectionParameter = loadStoreParameter.getProtectionParameter();
        if (protectionParameter == null) {
            password = null;
        } else {
            if (!(protectionParameter instanceof KeyStore.PasswordProtection)) {
                throw new IllegalArgumentException("No support for protection parameter of type " + protectionParameter.getClass().getName());
            }
            password = ((KeyStore.PasswordProtection) protectionParameter).getPassword();
        }
        a(pKCS12StoreParameter.a(), password, pKCS12StoreParameter.b());
    }
}
