package org.bouncycastle.jcajce.provider.keystore.util;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Map;
import org.bouncycastle.crypto.ExtendedDigest;
import org.bouncycastle.jcajce.BCLoadStoreParameter;
import org.bouncycastle.jcajce.provider.util.DigestFactory;
import org.bouncycastle.jcajce.util.JcaJceHelper;
import org.bouncycastle.util.Strings;
import org.bouncycastle.util.io.Streams;
import org.jivesoftware.smack.util.StringUtils;

/* loaded from: classes5.dex */
public class JKSKeyStoreSpi extends KeyStoreSpi {

    /* renamed from: a, reason: collision with root package name */
    public final Hashtable f60233a = new Hashtable();

    /* renamed from: b, reason: collision with root package name */
    public final JcaJceHelper f60234b;

    /* loaded from: classes5.dex */
    public static final class BCJKSTrustedCertEntry {

        /* renamed from: a, reason: collision with root package name */
        public final Date f60235a;

        /* renamed from: b, reason: collision with root package name */
        public final Certificate f60236b;

        public BCJKSTrustedCertEntry(Date date, Certificate certificate) {
            this.f60235a = date;
            this.f60236b = certificate;
        }
    }

    /* loaded from: classes5.dex */
    public static final class ErasableByteStream extends ByteArrayInputStream {
        public final void c() {
            Arrays.fill(((ByteArrayInputStream) this).buf, (byte) 0);
        }
    }

    public JKSKeyStoreSpi(JcaJceHelper jcaJceHelper) {
        this.f60234b = jcaJceHelper;
    }

    @Override // java.security.KeyStoreSpi
    public final Enumeration engineAliases() {
        Enumeration keys;
        synchronized (this.f60233a) {
            keys = this.f60233a.keys();
        }
        return keys;
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineContainsAlias(String str) {
        boolean containsKey;
        if (str == null) {
            throw new NullPointerException("alias value is null");
        }
        synchronized (this.f60233a) {
            containsKey = this.f60233a.containsKey(str);
        }
        return containsKey;
    }

    @Override // java.security.KeyStoreSpi
    public final void engineDeleteEntry(String str) {
        throw new KeyStoreException("BC JKS store is read-only and only supports certificate entries");
    }

    @Override // java.security.KeyStoreSpi
    public final Certificate engineGetCertificate(String str) {
        synchronized (this.f60233a) {
            try {
                BCJKSTrustedCertEntry bCJKSTrustedCertEntry = (BCJKSTrustedCertEntry) this.f60233a.get(str);
                if (bCJKSTrustedCertEntry == null) {
                    return null;
                }
                return bCJKSTrustedCertEntry.f60236b;
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public final String engineGetCertificateAlias(Certificate certificate) {
        synchronized (this.f60233a) {
            try {
                for (Map.Entry entry : this.f60233a.entrySet()) {
                    if (((BCJKSTrustedCertEntry) entry.getValue()).f60236b.equals(certificate)) {
                        return (String) entry.getKey();
                    }
                }
                return null;
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public final Certificate[] engineGetCertificateChain(String str) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public final Date engineGetCreationDate(String str) {
        synchronized (this.f60233a) {
            try {
                BCJKSTrustedCertEntry bCJKSTrustedCertEntry = (BCJKSTrustedCertEntry) this.f60233a.get(str);
                if (bCJKSTrustedCertEntry == null) {
                    return null;
                }
                return bCJKSTrustedCertEntry.f60235a;
            } catch (Throwable th2) {
                throw th2;
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public final Key engineGetKey(String str, char[] cArr) {
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineIsCertificateEntry(String str) {
        boolean containsKey;
        synchronized (this.f60233a) {
            containsKey = this.f60233a.containsKey(str);
        }
        return containsKey;
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineIsKeyEntry(String str) {
        return false;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r5v5, types: [java.io.ByteArrayInputStream, org.bouncycastle.jcajce.provider.keystore.util.JKSKeyStoreSpi$ErasableByteStream, java.io.InputStream] */
    @Override // java.security.KeyStoreSpi
    public final void engineLoad(InputStream inputStream, char[] cArr) {
        ErasableByteStream byteArrayInputStream;
        CertificateFactory d6;
        Hashtable hashtable;
        CertificateFactory d10;
        if (inputStream == null) {
            return;
        }
        ExtendedDigest a10 = DigestFactory.a(StringUtils.SHA1);
        byte[] a11 = Streams.a(inputStream);
        if (cArr != null) {
            for (int i = 0; i < cArr.length; i++) {
                a10.e((byte) (cArr[i] >> '\b'));
                a10.e((byte) cArr[i]);
            }
            a10.f(0, 16, Strings.c("Mighty Aphrodite"));
            a10.f(0, a11.length - a10.i(), a11);
            int i6 = a10.i();
            byte[] bArr = new byte[i6];
            a10.d(0, bArr);
            byte[] bArr2 = new byte[i6];
            System.arraycopy(a11, a11.length - i6, bArr2, 0, i6);
            if (!org.bouncycastle.util.Arrays.m(bArr, bArr2)) {
                Arrays.fill(a11, (byte) 0);
                throw new IOException("password incorrect or store tampered with");
            }
            byteArrayInputStream = new ByteArrayInputStream(a11, 0, a11.length - i6);
        } else {
            byteArrayInputStream = new ByteArrayInputStream(a11, 0, a11.length - a10.i());
        }
        synchronized (this.f60233a) {
            try {
                DataInputStream dataInputStream = new DataInputStream(byteArrayInputStream);
                int readInt = dataInputStream.readInt();
                int readInt2 = dataInputStream.readInt();
                if (readInt == -17957139) {
                    int i10 = 1;
                    CertificateFactory certificateFactory = null;
                    if (readInt2 == 1) {
                        JcaJceHelper jcaJceHelper = this.f60234b;
                        if (jcaJceHelper != null) {
                            try {
                                d6 = jcaJceHelper.d("X.509");
                            } catch (NoSuchProviderException e10) {
                                throw new CertificateException(e10.toString());
                            }
                        } else {
                            d6 = CertificateFactory.getInstance("X.509");
                        }
                        CertificateFactory certificateFactory2 = d6;
                        hashtable = null;
                        certificateFactory = certificateFactory2;
                    } else {
                        if (readInt2 != 2) {
                            throw new IllegalStateException("unable to discern store version");
                        }
                        hashtable = new Hashtable();
                    }
                    int readInt3 = dataInputStream.readInt();
                    int i11 = 0;
                    CertificateFactory certificateFactory3 = certificateFactory;
                    while (i11 < readInt3) {
                        int readInt4 = dataInputStream.readInt();
                        if (readInt4 == i10) {
                            throw new IOException("BC JKS store is read-only and only supports certificate entries");
                        }
                        if (readInt4 != 2) {
                            throw new IllegalStateException("unable to discern entry type");
                        }
                        String readUTF = dataInputStream.readUTF();
                        Date date = new Date(dataInputStream.readLong());
                        CertificateFactory certificateFactory4 = certificateFactory3;
                        if (readInt2 == 2) {
                            String readUTF2 = dataInputStream.readUTF();
                            if (hashtable.containsKey(readUTF2)) {
                                certificateFactory4 = (CertificateFactory) hashtable.get(readUTF2);
                            } else {
                                JcaJceHelper jcaJceHelper2 = this.f60234b;
                                if (jcaJceHelper2 != null) {
                                    try {
                                        d10 = jcaJceHelper2.d(readUTF2);
                                    } catch (NoSuchProviderException e11) {
                                        throw new CertificateException(e11.toString());
                                    }
                                } else {
                                    d10 = CertificateFactory.getInstance(readUTF2);
                                }
                                hashtable.put(readUTF2, d10);
                                certificateFactory4 = d10;
                            }
                        }
                        int readInt5 = dataInputStream.readInt();
                        byte[] bArr3 = new byte[readInt5];
                        dataInputStream.readFully(bArr3);
                        ?? byteArrayInputStream2 = new ByteArrayInputStream(bArr3, 0, readInt5);
                        try {
                            Certificate generateCertificate = certificateFactory4.generateCertificate(byteArrayInputStream2);
                            if (byteArrayInputStream2.available() != 0) {
                                throw new IOException("password incorrect or store tampered with");
                            }
                            byteArrayInputStream2.c();
                            this.f60233a.put(readUTF, new BCJKSTrustedCertEntry(date, generateCertificate));
                            i11++;
                            i10 = 1;
                            certificateFactory3 = certificateFactory4;
                        } catch (Throwable th2) {
                            byteArrayInputStream2.c();
                            throw th2;
                        }
                    }
                }
                if (byteArrayInputStream.available() != 0) {
                    throw new IOException("password incorrect or store tampered with");
                }
                byteArrayInputStream.c();
            } catch (Throwable th3) {
                byteArrayInputStream.c();
                throw th3;
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public final void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
        if (loadStoreParameter == null) {
            return;
        }
        if (!(loadStoreParameter instanceof BCLoadStoreParameter)) {
            throw new IllegalArgumentException("no support for 'param' of type ".concat(loadStoreParameter.getClass().getName()));
        }
        ParameterUtil.a(loadStoreParameter);
    }

    @Override // java.security.KeyStoreSpi
    public final boolean engineProbe(InputStream inputStream) {
        DataInputStream dataInputStream = inputStream instanceof DataInputStream ? (DataInputStream) inputStream : new DataInputStream(inputStream);
        int readInt = dataInputStream.readInt();
        int readInt2 = dataInputStream.readInt();
        if (readInt == -17957139) {
            return readInt2 == 1 || readInt2 == 2;
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetCertificateEntry(String str, Certificate certificate) {
        throw new KeyStoreException("BC JKS store is read-only and only supports certificate entries");
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        throw new KeyStoreException("BC JKS store is read-only and only supports certificate entries");
    }

    @Override // java.security.KeyStoreSpi
    public final void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        throw new KeyStoreException("BC JKS store is read-only and only supports certificate entries");
    }

    @Override // java.security.KeyStoreSpi
    public final int engineSize() {
        return this.f60233a.size();
    }

    @Override // java.security.KeyStoreSpi
    public final void engineStore(OutputStream outputStream, char[] cArr) {
        throw new IOException("BC JKS store is read-only and only supports certificate entries");
    }
}
