package org.bouncycastle.jcajce.provider.keystore.pkcs12;

import O.O;
import com.ss.texturerender.TextureRenderKeys;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.BEROctetString;
import org.bouncycastle.asn1.BERSequence;
import org.bouncycastle.asn1.DERBMPString;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
import org.bouncycastle.asn1.pkcs.CertBag;
import org.bouncycastle.asn1.pkcs.ContentInfo;
import org.bouncycastle.asn1.pkcs.EncryptedData;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.MacData;
import org.bouncycastle.asn1.pkcs.PBES2Parameters;
import org.bouncycastle.asn1.pkcs.PBKDF2Params;
import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.Pfx;
import org.bouncycastle.asn1.pkcs.SafeBag;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.DigestInfo;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.util.DigestFactory;
import org.bouncycastle.jcajce.PKCS12Key;
import org.bouncycastle.jcajce.PKCS12StoreParameter;
import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
import org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
import org.bouncycastle.jcajce.util.BCJcaJceHelper;
import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.jce.interfaces.BCKeyStore;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.bouncycastle.jce.provider.JDKPKCS12StoreParameter;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.Integers;
import org.bouncycastle.util.Properties;
import org.bouncycastle.util.Strings;

/* loaded from: classes5.dex */
public class PKCS12KeyStoreSpi extends KeyStoreSpi implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore {
    public static final DefaultSecretKeyProvider bV = new DefaultSecretKeyProvider();
    public IgnoresCaseHashtable bW;
    public IgnoresCaseHashtable bY;
    public CertificateFactory cb;
    public ASN1ObjectIdentifier cc;
    public ASN1ObjectIdentifier cd;
    public final JcaJceHelper bU = new BCJcaJceHelper();
    public Hashtable bX = new Hashtable();
    public Hashtable bZ = new Hashtable();
    public Hashtable ca = new Hashtable();
    public SecureRandom bT = CryptoServicesRegistrar.a();
    public AlgorithmIdentifier ce = new AlgorithmIdentifier(OIWObjectIdentifiers.i, DERNull.a);
    public int cf = 102400;
    public int cg = 20;

    /* loaded from: classes5.dex */
    public static class BCPKCS12KeyStore extends PKCS12KeyStoreSpi {
        public BCPKCS12KeyStore() {
            super(new BCJcaJceHelper(), PKCSObjectIdentifiers.bK, PKCSObjectIdentifiers.bN);
        }
    }

    /* loaded from: classes5.dex */
    public static class BCPKCS12KeyStore3DES extends PKCS12KeyStoreSpi {
        public BCPKCS12KeyStore3DES() {
            super(new BCJcaJceHelper(), PKCSObjectIdentifiers.bK, PKCSObjectIdentifiers.bK);
        }
    }

    /* loaded from: classes5.dex */
    public class CertId {
        public byte[] a;

        public CertId(PublicKey publicKey) {
            this.a = PKCS12KeyStoreSpi.this.a(publicKey).a();
        }

        public CertId(byte[] bArr) {
            this.a = bArr;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (obj instanceof CertId) {
                return Arrays.a(this.a, ((CertId) obj).a);
            }
            return false;
        }

        public int hashCode() {
            return Arrays.a(this.a);
        }
    }

    /* loaded from: classes5.dex */
    public static class DefPKCS12KeyStore extends PKCS12KeyStoreSpi {
        public DefPKCS12KeyStore() {
            super(new DefaultJcaJceHelper(), PKCSObjectIdentifiers.bK, PKCSObjectIdentifiers.bN);
        }
    }

    /* loaded from: classes5.dex */
    public static class DefPKCS12KeyStore3DES extends PKCS12KeyStoreSpi {
        public DefPKCS12KeyStore3DES() {
            super(new DefaultJcaJceHelper(), PKCSObjectIdentifiers.bK, PKCSObjectIdentifiers.bK);
        }
    }

    /* loaded from: classes5.dex */
    public static class DefaultSecretKeyProvider {
        public final Map a;

        public DefaultSecretKeyProvider() {
            HashMap hashMap = new HashMap();
            hashMap.put(new ASN1ObjectIdentifier("1.2.840.113533.7.66.10"), Integers.c(128));
            hashMap.put(PKCSObjectIdentifiers.D, Integers.c(192));
            hashMap.put(NISTObjectIdentifiers.y, Integers.c(128));
            hashMap.put(NISTObjectIdentifiers.G, Integers.c(192));
            hashMap.put(NISTObjectIdentifiers.f1674O, Integers.c(256));
            hashMap.put(NTTObjectIdentifiers.a, Integers.c(128));
            hashMap.put(NTTObjectIdentifiers.b, Integers.c(192));
            hashMap.put(NTTObjectIdentifiers.c, Integers.c(256));
            hashMap.put(CryptoProObjectIdentifiers.f, Integers.c(256));
            this.a = Collections.unmodifiableMap(hashMap);
        }

        public int a(AlgorithmIdentifier algorithmIdentifier) {
            Integer num = (Integer) this.a.get(algorithmIdentifier.a());
            if (num != null) {
                return num.intValue();
            }
            return -1;
        }
    }

    /* loaded from: classes5.dex */
    public static class IgnoresCaseHashtable {
        public Hashtable a;
        public Hashtable b;

        public IgnoresCaseHashtable() {
            this.a = new Hashtable();
            this.b = new Hashtable();
        }

        public Object a(String str) {
            Object remove = this.b.remove(str == null ? null : Strings.c(str));
            if (remove == null) {
                return null;
            }
            return this.a.remove(remove);
        }

        public Enumeration a() {
            return this.a.keys();
        }

        public void a(String str, Object obj) {
            String c = str == null ? null : Strings.c(str);
            Object obj2 = this.b.get(c);
            if (obj2 != null) {
                this.a.remove(obj2);
            }
            this.b.put(c, str);
            this.a.put(str, obj);
        }

        public Object b(String str) {
            Object obj = this.b.get(str == null ? null : Strings.c(str));
            if (obj == null) {
                return null;
            }
            return this.a.get(obj);
        }

        public Enumeration b() {
            return this.a.elements();
        }

        public int c() {
            return this.a.size();
        }
    }

    public PKCS12KeyStoreSpi(JcaJceHelper jcaJceHelper, ASN1ObjectIdentifier aSN1ObjectIdentifier, ASN1ObjectIdentifier aSN1ObjectIdentifier2) {
        this.bW = new IgnoresCaseHashtable();
        this.bY = new IgnoresCaseHashtable();
        this.cc = aSN1ObjectIdentifier;
        this.cd = aSN1ObjectIdentifier2;
        try {
            this.cb = jcaJceHelper.h("X.509");
        } catch (Exception e) {
            new StringBuilder();
            throw new IllegalArgumentException(O.C("can't create cert factory - ", e.toString()));
        }
    }

    private int a(BigInteger bigInteger) {
        int intValue = bigInteger.intValue();
        if (intValue < 0) {
            throw new IllegalStateException("negative iteration count found");
        }
        BigInteger b = Properties.b("org.bouncycastle.pkcs12.max_it_count");
        if (b == null || b.intValue() >= intValue) {
            return intValue;
        }
        throw new IllegalStateException("iteration count " + intValue + " greater than " + b.intValue());
    }

    private Set a() {
        HashSet hashSet = new HashSet();
        Enumeration a = this.bW.a();
        while (a.hasMoreElements()) {
            Certificate[] engineGetCertificateChain = engineGetCertificateChain((String) a.nextElement());
            for (int i = 0; i != engineGetCertificateChain.length; i++) {
                hashSet.add(engineGetCertificateChain[i]);
            }
        }
        Enumeration a2 = this.bY.a();
        while (a2.hasMoreElements()) {
            hashSet.add(engineGetCertificate((String) a2.nextElement()));
        }
        return hashSet;
    }

    private Cipher a(int i, char[] cArr, AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException {
        AlgorithmParameterSpec gOST28147ParameterSpec;
        PBES2Parameters a = PBES2Parameters.a(algorithmIdentifier.b());
        PBKDF2Params a2 = PBKDF2Params.a(a.a().b());
        AlgorithmIdentifier a3 = AlgorithmIdentifier.a(a.b());
        SecretKeyFactory e = this.bU.e(a.a().a().b());
        SecretKey generateSecret = a2.d() ? e.generateSecret(new PBEKeySpec(cArr, a2.a(), a(a2.b()), bV.a(a3))) : e.generateSecret(new PBKDF2KeySpec(cArr, a2.a(), a(a2.b()), bV.a(a3), a2.e()));
        Cipher cipher = Cipher.getInstance(a.b().a().b());
        ASN1Encodable b = a.b().b();
        if (b instanceof ASN1OctetString) {
            gOST28147ParameterSpec = new IvParameterSpec(ASN1OctetString.a((Object) b).c());
        } else {
            GOST28147Parameters a4 = GOST28147Parameters.a(b);
            gOST28147ParameterSpec = new GOST28147ParameterSpec(a4.a(), a4.b());
        }
        cipher.init(i, generateSecret, gOST28147ParameterSpec);
        return cipher;
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x0072, code lost:
    
        if (r2 == false) goto L17;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private org.bouncycastle.asn1.pkcs.SafeBag a(java.lang.String r8, java.security.cert.Certificate r9) throws java.security.cert.CertificateEncodingException {
        /*
            r7 = this;
            org.bouncycastle.asn1.pkcs.CertBag r5 = new org.bouncycastle.asn1.pkcs.CertBag
            org.bouncycastle.asn1.ASN1ObjectIdentifier r2 = org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.ao
            org.bouncycastle.asn1.DEROctetString r1 = new org.bouncycastle.asn1.DEROctetString
            byte[] r0 = r9.getEncoded()
            r1.<init>(r0)
            r5.<init>(r2, r1)
            org.bouncycastle.asn1.ASN1EncodableVector r4 = new org.bouncycastle.asn1.ASN1EncodableVector
            r4.<init>()
            boolean r0 = r9 instanceof org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier
            r2 = 0
            if (r0 == 0) goto L74
            org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier r9 = (org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier) r9
            org.bouncycastle.asn1.ASN1ObjectIdentifier r0 = org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.ak
            org.bouncycastle.asn1.ASN1Encodable r0 = r9.getBagAttribute(r0)
            org.bouncycastle.asn1.DERBMPString r0 = (org.bouncycastle.asn1.DERBMPString) r0
            if (r0 == 0) goto L30
            java.lang.String r0 = r0.b()
            boolean r0 = r0.equals(r8)
            if (r0 != 0) goto L3c
        L30:
            if (r8 == 0) goto L3c
            org.bouncycastle.asn1.ASN1ObjectIdentifier r1 = org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.ak
            org.bouncycastle.asn1.DERBMPString r0 = new org.bouncycastle.asn1.DERBMPString
            r0.<init>(r8)
            r9.setBagAttribute(r1, r0)
        L3c:
            java.util.Enumeration r6 = r9.getBagAttributeKeys()
        L40:
            boolean r0 = r6.hasMoreElements()
            if (r0 == 0) goto L72
            java.lang.Object r3 = r6.nextElement()
            org.bouncycastle.asn1.ASN1ObjectIdentifier r3 = (org.bouncycastle.asn1.ASN1ObjectIdentifier) r3
            org.bouncycastle.asn1.ASN1ObjectIdentifier r0 = org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.al
            boolean r0 = r3.b(r0)
            if (r0 != 0) goto L40
            org.bouncycastle.asn1.ASN1EncodableVector r2 = new org.bouncycastle.asn1.ASN1EncodableVector
            r2.<init>()
            r2.a(r3)
            org.bouncycastle.asn1.DERSet r1 = new org.bouncycastle.asn1.DERSet
            org.bouncycastle.asn1.ASN1Encodable r0 = r9.getBagAttribute(r3)
            r1.<init>(r0)
            r2.a(r1)
            org.bouncycastle.asn1.DERSequence r0 = new org.bouncycastle.asn1.DERSequence
            r0.<init>(r2)
            r4.a(r0)
            r2 = 1
            goto L40
        L72:
            if (r2 != 0) goto L93
        L74:
            org.bouncycastle.asn1.ASN1EncodableVector r2 = new org.bouncycastle.asn1.ASN1EncodableVector
            r2.<init>()
            org.bouncycastle.asn1.ASN1ObjectIdentifier r0 = org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.ak
            r2.a(r0)
            org.bouncycastle.asn1.DERSet r1 = new org.bouncycastle.asn1.DERSet
            org.bouncycastle.asn1.DERBMPString r0 = new org.bouncycastle.asn1.DERBMPString
            r0.<init>(r8)
            r1.<init>(r0)
            r2.a(r1)
            org.bouncycastle.asn1.DERSequence r0 = new org.bouncycastle.asn1.DERSequence
            r0.<init>(r2)
            r4.a(r0)
        L93:
            org.bouncycastle.asn1.pkcs.SafeBag r3 = new org.bouncycastle.asn1.pkcs.SafeBag
            org.bouncycastle.asn1.ASN1ObjectIdentifier r2 = org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers.bD
            org.bouncycastle.asn1.ASN1Primitive r1 = r5.j()
            org.bouncycastle.asn1.DERSet r0 = new org.bouncycastle.asn1.DERSet
            r0.<init>(r4)
            r3.<init>(r2, r1, r0)
            return r3
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.a(java.lang.String, java.security.cert.Certificate):org.bouncycastle.asn1.pkcs.SafeBag");
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void a(OutputStream outputStream, char[] cArr, boolean z) throws IOException {
        if (this.bW.c() != 0) {
            Objects.requireNonNull(cArr, "no password supplied for PKCS#12 KeyStore");
        } else if (cArr == null) {
            Enumeration a = this.bY.a();
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            while (a.hasMoreElements()) {
                try {
                    String str = (String) a.nextElement();
                    aSN1EncodableVector.a(a(str, (Certificate) this.bY.b(str)));
                } catch (CertificateEncodingException e) {
                    new StringBuilder();
                    throw new IOException(O.C("Error encoding certificate: ", e.toString()));
                }
            }
            ASN1ObjectIdentifier aSN1ObjectIdentifier = PKCSObjectIdentifiers.Q;
            if (z) {
                new Pfx(new ContentInfo(PKCSObjectIdentifiers.Q, new DEROctetString(new DERSequence(new ContentInfo(aSN1ObjectIdentifier, new DEROctetString(new DERSequence(aSN1EncodableVector).getEncoded()))).getEncoded())), null).a(outputStream, "DER");
                return;
            } else {
                new Pfx(new ContentInfo(PKCSObjectIdentifiers.Q, new BEROctetString(new BERSequence(new ContentInfo(aSN1ObjectIdentifier, new BEROctetString(new BERSequence(aSN1EncodableVector).getEncoded()))).getEncoded())), null).a(outputStream, "BER");
                return;
            }
        }
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        Enumeration a2 = this.bW.a();
        while (a2.hasMoreElements()) {
            byte[] bArr = new byte[20];
            this.bT.nextBytes(bArr);
            String str2 = (String) a2.nextElement();
            PrivateKey privateKey = (PrivateKey) this.bW.b(str2);
            PKCS12PBEParams pKCS12PBEParams = new PKCS12PBEParams(bArr, 51200);
            EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(this.cc, pKCS12PBEParams.j()), a(this.cc.b(), privateKey, pKCS12PBEParams, cArr));
            ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
            if (privateKey instanceof PKCS12BagAttributeCarrier) {
                PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier = (PKCS12BagAttributeCarrier) privateKey;
                DERBMPString dERBMPString = (DERBMPString) pKCS12BagAttributeCarrier.getBagAttribute(PKCSObjectIdentifiers.ak);
                if (dERBMPString == null || !dERBMPString.b().equals(str2)) {
                    pKCS12BagAttributeCarrier.setBagAttribute(PKCSObjectIdentifiers.ak, new DERBMPString(str2));
                }
                if (pKCS12BagAttributeCarrier.getBagAttribute(PKCSObjectIdentifiers.al) == null) {
                    pKCS12BagAttributeCarrier.setBagAttribute(PKCSObjectIdentifiers.al, a(engineGetCertificate(str2).getPublicKey()));
                }
                Enumeration bagAttributeKeys = pKCS12BagAttributeCarrier.getBagAttributeKeys();
                boolean z2 = false;
                while (bagAttributeKeys.hasMoreElements()) {
                    ASN1ObjectIdentifier aSN1ObjectIdentifier2 = (ASN1ObjectIdentifier) bagAttributeKeys.nextElement();
                    ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
                    aSN1EncodableVector4.a(aSN1ObjectIdentifier2);
                    aSN1EncodableVector4.a(new DERSet(pKCS12BagAttributeCarrier.getBagAttribute(aSN1ObjectIdentifier2)));
                    aSN1EncodableVector3.a(new DERSequence(aSN1EncodableVector4));
                    z2 = true;
                }
                if (z2) {
                    aSN1EncodableVector2.a(new SafeBag(PKCSObjectIdentifiers.bC, encryptedPrivateKeyInfo.j(), new DERSet(aSN1EncodableVector3)));
                }
            }
            ASN1EncodableVector aSN1EncodableVector5 = new ASN1EncodableVector();
            Certificate engineGetCertificate = engineGetCertificate(str2);
            aSN1EncodableVector5.a(PKCSObjectIdentifiers.al);
            aSN1EncodableVector5.a(new DERSet(a(engineGetCertificate.getPublicKey())));
            aSN1EncodableVector3.a(new DERSequence(aSN1EncodableVector5));
            ASN1EncodableVector aSN1EncodableVector6 = new ASN1EncodableVector();
            aSN1EncodableVector6.a(PKCSObjectIdentifiers.ak);
            aSN1EncodableVector6.a(new DERSet(new DERBMPString(str2)));
            aSN1EncodableVector3.a(new DERSequence(aSN1EncodableVector6));
            aSN1EncodableVector2.a(new SafeBag(PKCSObjectIdentifiers.bC, encryptedPrivateKeyInfo.j(), new DERSet(aSN1EncodableVector3)));
        }
        BEROctetString bEROctetString = new BEROctetString(new DERSequence(aSN1EncodableVector2).a("DER"));
        byte[] bArr2 = new byte[20];
        this.bT.nextBytes(bArr2);
        ASN1EncodableVector aSN1EncodableVector7 = new ASN1EncodableVector();
        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(this.cd, new PKCS12PBEParams(bArr2, 51200).j());
        Hashtable hashtable = new Hashtable();
        Enumeration a3 = this.bW.a();
        while (a3.hasMoreElements()) {
            try {
                String str3 = (String) a3.nextElement();
                Certificate engineGetCertificate2 = engineGetCertificate(str3);
                CertBag certBag = new CertBag(PKCSObjectIdentifiers.ao, new DEROctetString(engineGetCertificate2.getEncoded()));
                ASN1EncodableVector aSN1EncodableVector8 = new ASN1EncodableVector();
                if (engineGetCertificate2 instanceof PKCS12BagAttributeCarrier) {
                    PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier2 = (PKCS12BagAttributeCarrier) engineGetCertificate2;
                    DERBMPString dERBMPString2 = (DERBMPString) pKCS12BagAttributeCarrier2.getBagAttribute(PKCSObjectIdentifiers.ak);
                    if (dERBMPString2 == null || !dERBMPString2.b().equals(str3)) {
                        pKCS12BagAttributeCarrier2.setBagAttribute(PKCSObjectIdentifiers.ak, new DERBMPString(str3));
                    }
                    if (pKCS12BagAttributeCarrier2.getBagAttribute(PKCSObjectIdentifiers.al) == null) {
                        pKCS12BagAttributeCarrier2.setBagAttribute(PKCSObjectIdentifiers.al, a(engineGetCertificate2.getPublicKey()));
                    }
                    Enumeration bagAttributeKeys2 = pKCS12BagAttributeCarrier2.getBagAttributeKeys();
                    boolean z3 = false;
                    while (bagAttributeKeys2.hasMoreElements()) {
                        ASN1ObjectIdentifier aSN1ObjectIdentifier3 = (ASN1ObjectIdentifier) bagAttributeKeys2.nextElement();
                        ASN1EncodableVector aSN1EncodableVector9 = new ASN1EncodableVector();
                        aSN1EncodableVector9.a(aSN1ObjectIdentifier3);
                        aSN1EncodableVector9.a(new DERSet(pKCS12BagAttributeCarrier2.getBagAttribute(aSN1ObjectIdentifier3)));
                        aSN1EncodableVector8.a(new DERSequence(aSN1EncodableVector9));
                        z3 = true;
                    }
                    if (z3) {
                        aSN1EncodableVector7.a(new SafeBag(PKCSObjectIdentifiers.bD, certBag.j(), new DERSet(aSN1EncodableVector8)));
                        hashtable.put(engineGetCertificate2, engineGetCertificate2);
                    }
                }
                ASN1EncodableVector aSN1EncodableVector10 = new ASN1EncodableVector();
                aSN1EncodableVector10.a(PKCSObjectIdentifiers.al);
                aSN1EncodableVector10.a(new DERSet(a(engineGetCertificate2.getPublicKey())));
                aSN1EncodableVector8.a(new DERSequence(aSN1EncodableVector10));
                ASN1EncodableVector aSN1EncodableVector11 = new ASN1EncodableVector();
                aSN1EncodableVector11.a(PKCSObjectIdentifiers.ak);
                aSN1EncodableVector11.a(new DERSet(new DERBMPString(str3)));
                aSN1EncodableVector8.a(new DERSequence(aSN1EncodableVector11));
                aSN1EncodableVector7.a(new SafeBag(PKCSObjectIdentifiers.bD, certBag.j(), new DERSet(aSN1EncodableVector8)));
                hashtable.put(engineGetCertificate2, engineGetCertificate2);
            } catch (CertificateEncodingException e2) {
                new StringBuilder();
                throw new IOException(O.C("Error encoding certificate: ", e2.toString()));
            }
        }
        Enumeration a4 = this.bY.a();
        while (a4.hasMoreElements()) {
            try {
                String str4 = (String) a4.nextElement();
                Certificate certificate = (Certificate) this.bY.b(str4);
                if (this.bW.b(str4) == null) {
                    aSN1EncodableVector7.a(a(str4, certificate));
                    hashtable.put(certificate, certificate);
                }
            } catch (CertificateEncodingException e3) {
                new StringBuilder();
                throw new IOException(O.C("Error encoding certificate: ", e3.toString()));
            }
        }
        Set a5 = a();
        Enumeration keys = this.bZ.keys();
        while (keys.hasMoreElements()) {
            try {
                Certificate certificate2 = (Certificate) this.bZ.get(keys.nextElement());
                if (a5.contains(certificate2) && hashtable.get(certificate2) == null) {
                    CertBag certBag2 = new CertBag(PKCSObjectIdentifiers.ao, new DEROctetString(certificate2.getEncoded()));
                    ASN1EncodableVector aSN1EncodableVector12 = new ASN1EncodableVector();
                    if (certificate2 instanceof PKCS12BagAttributeCarrier) {
                        PKCS12BagAttributeCarrier pKCS12BagAttributeCarrier3 = (PKCS12BagAttributeCarrier) certificate2;
                        Enumeration bagAttributeKeys3 = pKCS12BagAttributeCarrier3.getBagAttributeKeys();
                        while (bagAttributeKeys3.hasMoreElements()) {
                            ASN1ObjectIdentifier aSN1ObjectIdentifier4 = (ASN1ObjectIdentifier) bagAttributeKeys3.nextElement();
                            if (!aSN1ObjectIdentifier4.b(PKCSObjectIdentifiers.al)) {
                                ASN1EncodableVector aSN1EncodableVector13 = new ASN1EncodableVector();
                                aSN1EncodableVector13.a(aSN1ObjectIdentifier4);
                                aSN1EncodableVector13.a(new DERSet(pKCS12BagAttributeCarrier3.getBagAttribute(aSN1ObjectIdentifier4)));
                                aSN1EncodableVector12.a(new DERSequence(aSN1EncodableVector13));
                            }
                        }
                    }
                    aSN1EncodableVector7.a(new SafeBag(PKCSObjectIdentifiers.bD, certBag2.j(), new DERSet(aSN1EncodableVector12)));
                }
            } catch (CertificateEncodingException e4) {
                new StringBuilder();
                throw new IOException(O.C("Error encoding certificate: ", e4.toString()));
            }
        }
        ContentInfo contentInfo = new ContentInfo(PKCSObjectIdentifiers.Q, new BEROctetString(new AuthenticatedSafe(new ContentInfo[]{new ContentInfo(PKCSObjectIdentifiers.Q, bEROctetString), new ContentInfo(PKCSObjectIdentifiers.V, new EncryptedData(PKCSObjectIdentifiers.Q, algorithmIdentifier, new BEROctetString(a(true, algorithmIdentifier, cArr, false, new DERSequence(aSN1EncodableVector7).a("DER")))).j())}).a(z ? "DER" : "BER")));
        byte[] bArr3 = new byte[this.cg];
        this.bT.nextBytes(bArr3);
        try {
            new Pfx(contentInfo, new MacData(new DigestInfo(this.ce, a(this.ce.a(), bArr3, this.cf, cArr, false, ((ASN1OctetString) contentInfo.b()).c())), bArr3, this.cf)).a(outputStream, z ? "DER" : "BER");
        } catch (Exception e5) {
            new StringBuilder();
            throw new IOException(O.C("error constructing MAC: ", e5.toString()));
        }
    }

    private byte[] a(ASN1ObjectIdentifier aSN1ObjectIdentifier, byte[] bArr, int i, char[] cArr, boolean z, byte[] bArr2) throws Exception {
        PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr, i);
        Mac b = this.bU.b(aSN1ObjectIdentifier.b());
        b.init(new PKCS12Key(cArr, z), pBEParameterSpec);
        b.update(bArr2);
        return b.doFinal();
    }

    public static byte[] a(SubjectPublicKeyInfo subjectPublicKeyInfo) {
        Digest b = DigestFactory.b();
        byte[] bArr = new byte[b.getDigestSize()];
        byte[] f = subjectPublicKeyInfo.d().f();
        b.update(f, 0, f.length);
        b.doFinal(bArr, 0);
        return bArr;
    }

    public PrivateKey a(AlgorithmIdentifier algorithmIdentifier, byte[] bArr, char[] cArr, boolean z) throws IOException {
        ASN1ObjectIdentifier a = algorithmIdentifier.a();
        try {
            if (a.a(PKCSObjectIdentifiers.bH)) {
                PKCS12PBEParams a2 = PKCS12PBEParams.a(algorithmIdentifier.b());
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(a2.b(), a(a2.a()));
                Cipher a3 = this.bU.a(a.b());
                a3.init(4, new PKCS12Key(cArr, z), pBEParameterSpec);
                return (PrivateKey) a3.unwrap(bArr, "", 2);
            }
            if (a.b(PKCSObjectIdentifiers.A)) {
                return (PrivateKey) a(4, cArr, algorithmIdentifier).unwrap(bArr, "", 2);
            }
            throw new IOException("exception unwrapping private key - cannot recognise: " + a);
        } catch (Exception e) {
            throw new IOException("exception unwrapping private key - " + e.toString());
        }
    }

    public SubjectKeyIdentifier a(PublicKey publicKey) {
        try {
            return new SubjectKeyIdentifier(a(SubjectPublicKeyInfo.a(publicKey.getEncoded())));
        } catch (Exception unused) {
            throw new RuntimeException("error creating key");
        }
    }

    public byte[] a(String str, Key key, PKCS12PBEParams pKCS12PBEParams, char[] cArr) throws IOException {
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        try {
            SecretKeyFactory e = this.bU.e(str);
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pKCS12PBEParams.b(), pKCS12PBEParams.a().intValue());
            Cipher a = this.bU.a(str);
            a.init(3, e.generateSecret(pBEKeySpec), pBEParameterSpec);
            return a.wrap(key);
        } catch (Exception e2) {
            new StringBuilder();
            throw new IOException(O.C("exception encrypting data - ", e2.toString()));
        }
    }

    public byte[] a(boolean z, AlgorithmIdentifier algorithmIdentifier, char[] cArr, boolean z2, byte[] bArr) throws IOException {
        ASN1ObjectIdentifier a = algorithmIdentifier.a();
        int i = z ? 1 : 2;
        if (a.a(PKCSObjectIdentifiers.bH)) {
            PKCS12PBEParams a2 = PKCS12PBEParams.a(algorithmIdentifier.b());
            try {
                PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(a2.b(), a2.a().intValue());
                PKCS12Key pKCS12Key = new PKCS12Key(cArr, z2);
                Cipher a3 = this.bU.a(a.b());
                a3.init(i, pKCS12Key, pBEParameterSpec);
                return a3.doFinal(bArr);
            } catch (Exception e) {
                throw new IOException("exception decrypting data - " + e.toString());
            }
        }
        if (!a.b(PKCSObjectIdentifiers.A)) {
            throw new IOException("unknown PBE algorithm: " + a);
        }
        try {
            return a(i, cArr, algorithmIdentifier).doFinal(bArr);
        } catch (Exception e2) {
            throw new IOException("exception decrypting data - " + e2.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        Hashtable hashtable = new Hashtable();
        Enumeration a = this.bY.a();
        while (a.hasMoreElements()) {
            hashtable.put(a.nextElement(), TextureRenderKeys.KEY_IS_CERT);
        }
        Enumeration a2 = this.bW.a();
        while (a2.hasMoreElements()) {
            Object nextElement = a2.nextElement();
            if (hashtable.get(nextElement) == null) {
                hashtable.put(nextElement, "key");
            }
        }
        return hashtable.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return (this.bY.b(str) == null && this.bW.b(str) == null) ? false : true;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        Object a = this.bW.a(str);
        Certificate certificate = (Certificate) this.bY.a(str);
        if (certificate != null) {
            this.bZ.remove(new CertId(certificate.getPublicKey()));
        }
        if (a != null) {
            Object remove = this.bX.remove(str);
            if (remove != null) {
                certificate = (Certificate) this.ca.remove(remove);
            }
            if (certificate != null) {
                this.bZ.remove(new CertId(certificate.getPublicKey()));
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getCertificate.");
        }
        Certificate certificate = (Certificate) this.bY.b(str);
        if (certificate != null) {
            return certificate;
        }
        Object obj = this.bX.get(str);
        return (Certificate) (obj != null ? this.ca.get(obj) : this.ca.get(str));
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration b = this.bY.b();
        Enumeration a = this.bY.a();
        while (b.hasMoreElements()) {
            Certificate certificate2 = (Certificate) b.nextElement();
            String str = (String) a.nextElement();
            if (certificate2.equals(certificate)) {
                return str;
            }
        }
        Enumeration elements = this.ca.elements();
        Enumeration keys = this.ca.keys();
        while (elements.hasMoreElements()) {
            Certificate certificate3 = (Certificate) elements.nextElement();
            String str2 = (String) keys.nextElement();
            if (certificate3.equals(certificate)) {
                return str2;
            }
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        byte[] a;
        if (str == null) {
            throw new IllegalArgumentException("null alias passed to getCertificateChain.");
        }
        Certificate[] certificateArr = 0;
        if (!engineIsKeyEntry(str)) {
            return null;
        }
        Certificate engineGetCertificate = engineGetCertificate(str);
        if (engineGetCertificate != null) {
            Vector vector = new Vector();
            while (engineGetCertificate != null) {
                X509Certificate x509Certificate = (X509Certificate) engineGetCertificate;
                byte[] extensionValue = x509Certificate.getExtensionValue(Extension.s.b());
                Certificate certificate = (extensionValue == null || (a = AuthorityKeyIdentifier.a(ASN1OctetString.a(extensionValue).c()).a()) == null) ? null : (Certificate) this.bZ.get(new CertId(a));
                if (certificate == null) {
                    Principal issuerDN = x509Certificate.getIssuerDN();
                    if (!issuerDN.equals(x509Certificate.getSubjectDN())) {
                        Enumeration keys = this.bZ.keys();
                        while (keys.hasMoreElements()) {
                            X509Certificate x509Certificate2 = (X509Certificate) this.bZ.get(keys.nextElement());
                            if (x509Certificate2.getSubjectDN().equals(issuerDN)) {
                                try {
                                    x509Certificate.verify(x509Certificate2.getPublicKey());
                                    certificate = x509Certificate2;
                                    break;
                                } catch (Exception unused) {
                                    continue;
                                }
                            }
                        }
                    }
                }
                if (!vector.contains(engineGetCertificate)) {
                    vector.addElement(engineGetCertificate);
                    if (certificate != engineGetCertificate) {
                        engineGetCertificate = certificate;
                    }
                }
                engineGetCertificate = null;
            }
            int size = vector.size();
            certificateArr = new Certificate[size];
            for (int i = 0; i != size; i++) {
                certificateArr[i] = vector.elementAt(i);
            }
        }
        return certificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        Objects.requireNonNull(str, "alias == null");
        if (this.bW.b(str) == null && this.bY.b(str) == null) {
            return null;
        }
        return new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (str != null) {
            return (Key) this.bW.b(str);
        }
        throw new IllegalArgumentException("null alias passed to getKey.");
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.bY.b(str) != null && this.bW.b(str) == null;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return this.bW.b(str) != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:173:0x046f  */
    /* JADX WARN: Removed duplicated region for block: B:234:0x0450  */
    /* JADX WARN: Removed duplicated region for block: B:24:0x00fd  */
    /* JADX WARN: Type inference failed for: r0v154, types: [org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi$IgnoresCaseHashtable] */
    /* JADX WARN: Type inference failed for: r0v30, types: [org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi$IgnoresCaseHashtable] */
    /* JADX WARN: Type inference failed for: r13v17, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r13v18 */
    /* JADX WARN: Type inference failed for: r13v19, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r13v23 */
    /* JADX WARN: Type inference failed for: r13v24 */
    /* JADX WARN: Type inference failed for: r7v27 */
    /* JADX WARN: Type inference failed for: r7v28 */
    /* JADX WARN: Type inference failed for: r7v34 */
    /* JADX WARN: Type inference failed for: r7v35 */
    /* JADX WARN: Type inference failed for: r7v36 */
    /* JADX WARN: Type inference failed for: r8v2, types: [java.security.cert.Certificate, java.lang.Object] */
    @Override // java.security.KeyStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void engineLoad(java.io.InputStream r20, char[] r21) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 1454
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(java.io.InputStream, char[]):void");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (this.bW.b(str) != null) {
            new StringBuilder();
            throw new KeyStoreException(O.C("There is a key entry with the name ", str, "."));
        }
        this.bY.a(str, certificate);
        this.bZ.put(new CertId(certificate.getPublicKey()), certificate);
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        if (!(key instanceof PrivateKey)) {
            throw new KeyStoreException("PKCS12 does not support non-PrivateKeys");
        }
        if (certificateArr == null) {
            throw new KeyStoreException("no certificate chain for private key");
        }
        if (this.bW.b(str) != null) {
            engineDeleteEntry(str);
        }
        this.bW.a(str, key);
        this.bY.a(str, certificateArr[0]);
        for (int i = 0; i != certificateArr.length; i++) {
            this.bZ.put(new CertId(certificateArr[i].getPublicKey()), certificateArr[i]);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new RuntimeException("operation not supported");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        Hashtable hashtable = new Hashtable();
        Enumeration a = this.bY.a();
        while (a.hasMoreElements()) {
            hashtable.put(a.nextElement(), TextureRenderKeys.KEY_IS_CERT);
        }
        Enumeration a2 = this.bW.a();
        while (a2.hasMoreElements()) {
            Object nextElement = a2.nextElement();
            if (hashtable.get(nextElement) == null) {
                hashtable.put(nextElement, "key");
            }
        }
        return hashtable.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException {
        a(outputStream, cArr, false);
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException, NoSuchAlgorithmException, CertificateException {
        PKCS12StoreParameter pKCS12StoreParameter;
        char[] password;
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'param' arg cannot be null");
        }
        if (loadStoreParameter instanceof PKCS12StoreParameter) {
            pKCS12StoreParameter = (PKCS12StoreParameter) loadStoreParameter;
        } else {
            if (!(loadStoreParameter instanceof JDKPKCS12StoreParameter)) {
                new StringBuilder();
                throw new IllegalArgumentException(O.C("No support for 'param' of type ", loadStoreParameter.getClass().getName()));
            }
            JDKPKCS12StoreParameter jDKPKCS12StoreParameter = (JDKPKCS12StoreParameter) loadStoreParameter;
            pKCS12StoreParameter = new PKCS12StoreParameter(jDKPKCS12StoreParameter.a(), loadStoreParameter.getProtectionParameter(), jDKPKCS12StoreParameter.b());
        }
        KeyStore.ProtectionParameter protectionParameter = loadStoreParameter.getProtectionParameter();
        if (protectionParameter == null) {
            password = null;
        } else {
            if (!(protectionParameter instanceof KeyStore.PasswordProtection)) {
                new StringBuilder();
                throw new IllegalArgumentException(O.C("No support for protection parameter of type ", protectionParameter.getClass().getName()));
            }
            password = ((KeyStore.PasswordProtection) protectionParameter).getPassword();
        }
        a(pKCS12StoreParameter.a(), password, pKCS12StoreParameter.b());
    }
}
