package org.bouncycastle.jcajce.provider.keystore.bcfks;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAKey;
import java.security.interfaces.RSAKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.text.ParseException;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import o.AbstractC0038ba;
import o.AbstractC0133ga;
import o.B5;
import o.C0030b2;
import o.C0057ca;
import o.C0076da;
import o.C0114fa;
import o.C0120fg;
import o.C0161i0;
import o.C0165i4;
import o.C0182j3;
import o.C0299p0;
import o.C0309pa;
import o.C0354s;
import o.C0395u2;
import o.C0404ub;
import o.C0453x3;
import o.C0468y;
import o.C5;
import o.C7;
import o.D5;
import o.E5;
import o.E7;
import o.Ef;
import o.F5;
import o.Gd;
import o.H9;
import o.Hd;
import o.InterfaceC0178j;
import o.InterfaceC0226l9;
import o.InterfaceC0328qa;
import o.InterfaceC0505zh;
import o.J7;
import o.J8;
import o.J9;
import o.K0;
import o.K9;
import o.L0;
import o.L7;
import o.L9;
import o.Lh;
import o.M9;
import o.Mc;
import o.N9;
import o.Q0;
import o.R8;
import o.Rf;
import o.S8;
import o.Ta;
import o.Tc;
import o.Uc;
import o.V0;
import org.bouncycastle.jcajce.provider.keystore.util.AdaptingKeyStoreSpi;
import org.bouncycastle.jcajce.provider.keystore.util.ParameterUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class BcFKSKeyStoreSpi extends KeyStoreSpi {
    private static final BigInteger CERTIFICATE;
    private static final BigInteger PRIVATE_KEY;
    private static final BigInteger PROTECTED_PRIVATE_KEY;
    private static final BigInteger PROTECTED_SECRET_KEY;
    private static final BigInteger SECRET_KEY;
    private static final Map<String, C0468y> oidMap;
    private static final Map<C0468y, String> publicAlgMap;
    private Date creationDate;
    private final C7 helper;
    private C0161i0 hmacAlgorithm;
    private J7 hmacPkbdAlgorithm;
    private Date lastModifiedDate;
    private C0161i0 signatureAlgorithm;
    private K0.a validator;
    private PublicKey verificationKey;
    private final Map<String, J9> entries = new HashMap();
    private final Map<String, PrivateKey> privateKeyCache = new HashMap();
    private C0468y storeEncryptionAlgorithm = R8.V;

    /* loaded from: classes.dex */
    public static class Def extends BcFKSKeyStoreSpi {
        public Def() {
            super(new C0165i4());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes.dex */
    public static class DefCompat extends AdaptingKeyStoreSpi {
        public DefCompat() {
            super(new C0165i4(), new BcFKSKeyStoreSpi(new C0165i4()));
        }
    }

    /* loaded from: classes.dex */
    public static class DefShared extends SharedKeyStoreSpi {
        public DefShared() {
            super(new C0165i4());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes.dex */
    public static class DefSharedCompat extends AdaptingKeyStoreSpi {
        public DefSharedCompat() {
            super(new C0165i4(), new BcFKSKeyStoreSpi(new C0165i4()));
        }
    }

    /* loaded from: classes.dex */
    public static class ExtKeyStoreException extends KeyStoreException {
        private final Throwable cause;

        public ExtKeyStoreException(String str, Throwable th) {
            super(str);
            this.cause = th;
        }

        @Override // java.lang.Throwable
        public Throwable getCause() {
            return this.cause;
        }
    }

    /* loaded from: classes.dex */
    public static class SharedKeyStoreSpi extends BcFKSKeyStoreSpi implements InterfaceC0328qa, InterfaceC0505zh {
        private final Map<String, byte[]> cache;
        private final byte[] seedKey;

        public SharedKeyStoreSpi(C7 c7) {
            super(c7);
            try {
                byte[] bArr = new byte[32];
                this.seedKey = bArr;
                c7.i("DEFAULT").nextBytes(bArr);
                this.cache = new HashMap();
            } catch (GeneralSecurityException e) {
                throw new IllegalArgumentException("can't create random - " + e.toString());
            }
        }

        private byte[] calculateMac(String str, char[] cArr) {
            return Mc.i(cArr != null ? C0299p0.k(C0120fg.j(cArr), C0120fg.i(str)) : C0299p0.k(this.seedKey, C0120fg.i(str)), this.seedKey, 16384, 8, 1, 32);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineDeleteEntry(String str) {
            throw new KeyStoreException("delete operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public Key engineGetKey(String str, char[] cArr) {
            try {
                byte[] calculateMac = calculateMac(str, cArr);
                if (!this.cache.containsKey(str) || C0299p0.n(this.cache.get(str), calculateMac)) {
                    Key engineGetKey = super.engineGetKey(str, cArr);
                    if (engineGetKey != null && !this.cache.containsKey(str)) {
                        this.cache.put(str, calculateMac);
                    }
                    return engineGetKey;
                }
                throw new UnrecoverableKeyException("unable to recover key (" + str + ")");
            } catch (InvalidKeyException e) {
                throw new UnrecoverableKeyException("unable to recover key (" + str + "): " + e.getMessage());
            }
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetCertificateEntry(String str, Certificate certificate) {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
            throw new KeyStoreException("set operation not supported in shared mode");
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
            throw new KeyStoreException("set operation not supported in shared mode");
        }
    }

    /* loaded from: classes.dex */
    public static class Std extends BcFKSKeyStoreSpi {
        public Std() {
            super(new Q0());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes.dex */
    public static class StdCompat extends AdaptingKeyStoreSpi {
        public StdCompat() {
            super(new C0165i4(), new BcFKSKeyStoreSpi(new Q0()));
        }
    }

    /* loaded from: classes.dex */
    public static class StdShared extends SharedKeyStoreSpi {
        public StdShared() {
            super(new Q0());
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Enumeration engineAliases() {
            return super.engineAliases();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineContainsAlias(String str) {
            return super.engineContainsAlias(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineDeleteEntry(String str) {
            super.engineDeleteEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate engineGetCertificate(String str) {
            return super.engineGetCertificate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ String engineGetCertificateAlias(Certificate certificate) {
            return super.engineGetCertificateAlias(certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Certificate[] engineGetCertificateChain(String str) {
            return super.engineGetCertificateChain(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Date engineGetCreationDate(String str) {
            return super.engineGetCreationDate(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ Key engineGetKey(String str, char[] cArr) {
            return super.engineGetKey(str, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsCertificateEntry(String str) {
            return super.engineIsCertificateEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ boolean engineIsKeyEntry(String str) {
            return super.engineIsKeyEntry(str);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(InputStream inputStream, char[] cArr) {
            super.engineLoad(inputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineLoad(loadStoreParameter);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetCertificateEntry(String str, Certificate certificate) {
            super.engineSetCertificateEntry(str, certificate);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.SharedKeyStoreSpi, org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
            super.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ int engineSize() {
            return super.engineSize();
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(OutputStream outputStream, char[] cArr) {
            super.engineStore(outputStream, cArr);
        }

        @Override // org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi, java.security.KeyStoreSpi
        public /* bridge */ /* synthetic */ void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) {
            super.engineStore(loadStoreParameter);
        }
    }

    /* loaded from: classes.dex */
    public static class StdSharedCompat extends AdaptingKeyStoreSpi {
        public StdSharedCompat() {
            super(new Q0(), new BcFKSKeyStoreSpi(new Q0()));
        }
    }

    static {
        HashMap hashMap = new HashMap();
        oidMap = hashMap;
        HashMap hashMap2 = new HashMap();
        publicAlgMap = hashMap2;
        C0468y c0468y = H9.h;
        hashMap.put("DESEDE", c0468y);
        hashMap.put("TRIPLEDES", c0468y);
        hashMap.put("TDEA", c0468y);
        hashMap.put("HMACSHA1", InterfaceC0328qa.L);
        hashMap.put("HMACSHA224", InterfaceC0328qa.M);
        hashMap.put("HMACSHA256", InterfaceC0328qa.N);
        hashMap.put("HMACSHA384", InterfaceC0328qa.O);
        hashMap.put("HMACSHA512", InterfaceC0328qa.P);
        hashMap.put("SEED", E7.a);
        hashMap.put("CAMELLIA.128", InterfaceC0226l9.a);
        hashMap.put("CAMELLIA.192", InterfaceC0226l9.b);
        hashMap.put("CAMELLIA.256", InterfaceC0226l9.c);
        hashMap.put("ARIA.128", S8.h);
        hashMap.put("ARIA.192", S8.m);
        hashMap.put("ARIA.256", S8.r);
        hashMap2.put(InterfaceC0328qa.b, "RSA");
        hashMap2.put(Lh.I2, "EC");
        hashMap2.put(H9.l, "DH");
        hashMap2.put(InterfaceC0328qa.s, "DH");
        hashMap2.put(Lh.s3, "DSA");
        CERTIFICATE = BigInteger.valueOf(0L);
        PRIVATE_KEY = BigInteger.valueOf(1L);
        SECRET_KEY = BigInteger.valueOf(2L);
        PROTECTED_PRIVATE_KEY = BigInteger.valueOf(3L);
        PROTECTED_SECRET_KEY = BigInteger.valueOf(4L);
    }

    public BcFKSKeyStoreSpi(C7 c7) {
        this.helper = c7;
    }

    private byte[] calculateMac(byte[] bArr, C0161i0 c0161i0, J7 j7, char[] cArr) {
        String x = c0161i0.i().x();
        Mac b = this.helper.b(x);
        try {
            if (cArr == null) {
                cArr = new char[0];
            }
            b.init(new SecretKeySpec(generateKey(j7, "INTEGRITY_CHECK", cArr, -1), x));
            return b.doFinal(bArr);
        } catch (InvalidKeyException e) {
            throw new IOException("Cannot set up MAC calculation: " + e.getMessage());
        }
    }

    private Cipher createCipher(String str, byte[] bArr) {
        Cipher g = this.helper.g(str);
        g.init(1, new SecretKeySpec(bArr, "AES"));
        return g;
    }

    private C5 createPrivateKeySequence(D5 d5, Certificate[] certificateArr) {
        C0395u2[] c0395u2Arr = new C0395u2[certificateArr.length];
        for (int i = 0; i != certificateArr.length; i++) {
            c0395u2Arr[i] = C0395u2.j(certificateArr[i].getEncoded());
        }
        return new C5(d5, c0395u2Arr);
    }

    private Certificate decodeCertificate(Object obj) {
        C7 c7 = this.helper;
        if (c7 != null) {
            try {
                return c7.d("X.509").generateCertificate(new ByteArrayInputStream(C0395u2.j(obj).getEncoded()));
            } catch (Exception unused) {
                return null;
            }
        }
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(C0395u2.j(obj).getEncoded()));
        } catch (Exception unused2) {
            return null;
        }
    }

    private byte[] decryptData(String str, C0161i0 c0161i0, char[] cArr, byte[] bArr) {
        Cipher g;
        AlgorithmParameters algorithmParameters;
        if (!c0161i0.i().o(InterfaceC0328qa.B)) {
            throw new IOException("BCFKS KeyStore cannot recognize protection algorithm.");
        }
        C0057ca j = C0057ca.j(c0161i0.l());
        F5 i = j.i();
        try {
            if (i.i().o(R8.V)) {
                g = this.helper.g("AES/CCM/NoPadding");
                algorithmParameters = this.helper.c("CCM");
                algorithmParameters.init(C0030b2.i(i.k()).getEncoded());
            } else {
                if (!i.i().o(R8.W)) {
                    throw new IOException("BCFKS KeyStore cannot recognize protection encryption algorithm.");
                }
                g = this.helper.g("AESKWP");
                algorithmParameters = null;
            }
            J7 k = j.k();
            if (cArr == null) {
                cArr = new char[0];
            }
            g.init(2, new SecretKeySpec(generateKey(k, str, cArr, 32), "AES"), algorithmParameters);
            return g.doFinal(bArr);
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            throw new IOException(e2.toString());
        }
    }

    private Date extractCreationDate(J9 j9, Date date) {
        try {
            return j9.i().w();
        } catch (ParseException unused) {
            return date;
        }
    }

    private byte[] generateKey(J7 j7, String str, char[] cArr, int i) {
        byte[] a = AbstractC0038ba.a(cArr);
        byte[] a2 = AbstractC0038ba.a(str.toCharArray());
        if (J8.O.o(j7.i())) {
            Hd k = Hd.k(j7.k());
            if (k.l() != null) {
                i = k.l().intValue();
            } else if (i == -1) {
                throw new IOException("no keyLength found in ScryptParams");
            }
            return Mc.i(C0299p0.k(a, a2), k.n(), k.j().intValue(), k.i().intValue(), k.i().intValue(), i);
        }
        if (!j7.i().o(InterfaceC0328qa.A)) {
            throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
        }
        C0114fa i2 = C0114fa.i(j7.k());
        if (i2.k() != null) {
            i = i2.k().intValue();
        } else if (i == -1) {
            throw new IOException("no keyLength found in PBKDF2Params");
        }
        if (i2.l().i().o(InterfaceC0328qa.P)) {
            C0309pa c0309pa = new C0309pa(new Uc());
            c0309pa.c(C0299p0.k(a, a2), i2.m(), i2.j().intValue());
            return ((L7) c0309pa.f(i * 8)).a();
        }
        if (i2.l().i().o(R8.r)) {
            C0309pa c0309pa2 = new C0309pa(new Tc(512));
            c0309pa2.c(C0299p0.k(a, a2), i2.m(), i2.j().intValue());
            return ((L7) c0309pa2.f(i * 8)).a();
        }
        throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD PRF: " + i2.l().i());
    }

    private J7 generatePkbdAlgorithmIdentifier(J7 j7, int i) {
        C0468y c0468y = J8.O;
        boolean o2 = c0468y.o(j7.i());
        InterfaceC0178j k = j7.k();
        if (o2) {
            Hd k2 = Hd.k(k);
            byte[] bArr = new byte[k2.n().length];
            getDefaultSecureRandom().nextBytes(bArr);
            return new J7(c0468y, new Hd(bArr, k2.j(), k2.i(), k2.m(), BigInteger.valueOf(i)));
        }
        C0114fa i2 = C0114fa.i(k);
        byte[] bArr2 = new byte[i2.m().length];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new J7(InterfaceC0328qa.A, new C0114fa(bArr2, i2.j().intValue(), i, i2.l()));
    }

    private J7 generatePkbdAlgorithmIdentifier(AbstractC0133ga abstractC0133ga, int i) {
        C0468y c0468y = J8.O;
        if (c0468y.o(abstractC0133ga.a())) {
            Gd gd = (Gd) abstractC0133ga;
            byte[] bArr = new byte[gd.e()];
            getDefaultSecureRandom().nextBytes(bArr);
            return new J7(c0468y, new Hd(bArr, gd.c(), gd.b(), gd.d(), i));
        }
        C0076da c0076da = (C0076da) abstractC0133ga;
        byte[] bArr2 = new byte[c0076da.d()];
        getDefaultSecureRandom().nextBytes(bArr2);
        return new J7(InterfaceC0328qa.A, new C0114fa(bArr2, c0076da.b(), i, c0076da.c()));
    }

    private J7 generatePkbdAlgorithmIdentifier(C0468y c0468y, int i) {
        byte[] bArr = new byte[64];
        getDefaultSecureRandom().nextBytes(bArr);
        C0468y c0468y2 = InterfaceC0328qa.A;
        if (c0468y2.o(c0468y)) {
            return new J7(c0468y2, new C0114fa(bArr, 51200, i, new C0161i0(InterfaceC0328qa.P, C0453x3.O3)));
        }
        throw new IllegalStateException("unknown derivation algorithm: " + c0468y);
    }

    private C0161i0 generateSignatureAlgId(Key key, K0.d dVar) {
        if (key == null) {
            return null;
        }
        if (key instanceof DSAKey) {
            if (dVar == K0.d.SHA512withDSA) {
                return new C0161i0(R8.d0);
            }
            if (dVar == K0.d.SHA3_512withDSA) {
                return new C0161i0(R8.h0);
            }
        }
        if (key instanceof RSAKey) {
            if (dVar == K0.d.SHA512withRSA) {
                return new C0161i0(InterfaceC0328qa.n, C0453x3.O3);
            }
            if (dVar == K0.d.SHA3_512withRSA) {
                return new C0161i0(R8.p0, C0453x3.O3);
            }
        }
        throw new IOException("unknown signature algorithm");
    }

    private SecureRandom getDefaultSecureRandom() {
        return C0182j3.d();
    }

    private B5 getEncryptedObjectStoreData(C0161i0 c0161i0, char[] cArr) {
        J9[] j9Arr = (J9[]) this.entries.values().toArray(new J9[this.entries.size()]);
        J7 generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(this.hmacPkbdAlgorithm, 32);
        if (cArr == null) {
            cArr = new char[0];
        }
        byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "STORE_ENCRYPTION", cArr, 32);
        M9 m9 = new M9(c0161i0, this.creationDate, this.lastModifiedDate, new K9(j9Arr), null);
        try {
            C0468y c0468y = this.storeEncryptionAlgorithm;
            C0468y c0468y2 = R8.V;
            if (!c0468y.o(c0468y2)) {
                return new B5(new C0161i0(InterfaceC0328qa.B, new C0057ca(generatePkbdAlgorithmIdentifier, new F5(R8.W))), createCipher("AESKWP", generateKey).doFinal(m9.getEncoded()));
            }
            Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
            return new B5(new C0161i0(InterfaceC0328qa.B, new C0057ca(generatePkbdAlgorithmIdentifier, new F5(c0468y2, C0030b2.i(createCipher.getParameters().getEncoded())))), createCipher.doFinal(m9.getEncoded()));
        } catch (InvalidKeyException e) {
            throw new IOException(e.toString());
        } catch (NoSuchProviderException e2) {
            throw new IOException(e2.toString());
        } catch (BadPaddingException e3) {
            throw new IOException(e3.toString());
        } catch (IllegalBlockSizeException e4) {
            throw new IOException(e4.toString());
        } catch (NoSuchPaddingException e5) {
            throw new NoSuchAlgorithmException(e5.toString());
        }
    }

    private static String getPublicKeyAlg(C0468y c0468y) {
        String str = publicAlgMap.get(c0468y);
        return str != null ? str : c0468y.x();
    }

    private boolean isSimilarHmacPbkd(AbstractC0133ga abstractC0133ga, J7 j7) {
        if (!abstractC0133ga.a().o(j7.i())) {
            return false;
        }
        if (J8.O.o(j7.i())) {
            if (!(abstractC0133ga instanceof Gd)) {
                return false;
            }
            Gd gd = (Gd) abstractC0133ga;
            Hd k = Hd.k(j7.k());
            return gd.e() == k.n().length && gd.b() == k.i().intValue() && gd.c() == k.j().intValue() && gd.d() == k.m().intValue();
        }
        if (!(abstractC0133ga instanceof C0076da)) {
            return false;
        }
        C0076da c0076da = (C0076da) abstractC0133ga;
        C0114fa i = C0114fa.i(j7.k());
        return c0076da.d() == i.m().length && c0076da.b() == i.j().intValue();
    }

    private void verifyMac(byte[] bArr, Ta ta, char[] cArr) {
        if (!C0299p0.n(calculateMac(bArr, ta.k(), ta.l(), cArr), ta.j())) {
            throw new IOException("BCFKS KeyStore corrupted: MAC calculation failed");
        }
    }

    private void verifySig(InterfaceC0178j interfaceC0178j, Rf rf, PublicKey publicKey) {
        Signature a = this.helper.a(rf.l().i().x());
        a.initVerify(publicKey);
        a.update(interfaceC0178j.d().h("DER"));
        if (!a.verify(rf.k().w())) {
            throw new IOException("BCFKS KeyStore corrupted: signature calculation failed");
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        final Iterator it = new HashSet(this.entries.keySet()).iterator();
        return new Enumeration() { // from class: org.bouncycastle.jcajce.provider.keystore.bcfks.BcFKSKeyStoreSpi.1
            @Override // java.util.Enumeration
            public boolean hasMoreElements() {
                return it.hasNext();
            }

            @Override // java.util.Enumeration
            public Object nextElement() {
                return it.next();
            }
        };
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str != null) {
            return this.entries.containsKey(str);
        }
        throw new NullPointerException("alias value is null");
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        if (this.entries.get(str) == null) {
            return;
        }
        this.privateKeyCache.remove(str);
        this.entries.remove(str);
        this.lastModifiedDate = new Date();
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        J9 j9 = this.entries.get(str);
        if (j9 == null) {
            return null;
        }
        if (j9.n().equals(PRIVATE_KEY) || j9.n().equals(PROTECTED_PRIVATE_KEY)) {
            return decodeCertificate(C5.k(j9.j()).i()[0]);
        }
        if (j9.n().equals(CERTIFICATE)) {
            return decodeCertificate(j9.j());
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            byte[] encoded = certificate.getEncoded();
            for (String str : this.entries.keySet()) {
                J9 j9 = this.entries.get(str);
                if (j9.n().equals(CERTIFICATE)) {
                    if (C0299p0.b(j9.j(), encoded)) {
                        return str;
                    }
                } else if (j9.n().equals(PRIVATE_KEY) || j9.n().equals(PROTECTED_PRIVATE_KEY)) {
                    try {
                        if (C0299p0.b(C5.k(j9.j()).i()[0].d().getEncoded(), encoded)) {
                            return str;
                        }
                    } catch (IOException unused) {
                    }
                }
            }
        } catch (CertificateEncodingException unused2) {
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        J9 j9 = this.entries.get(str);
        if (j9 == null) {
            return null;
        }
        if (!j9.n().equals(PRIVATE_KEY) && !j9.n().equals(PROTECTED_PRIVATE_KEY)) {
            return null;
        }
        C0395u2[] i = C5.k(j9.j()).i();
        int length = i.length;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i2 = 0; i2 != length; i2++) {
            x509CertificateArr[i2] = decodeCertificate(i[i2]);
        }
        return x509CertificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        J9 j9 = this.entries.get(str);
        if (j9 == null) {
            return null;
        }
        try {
            return j9.m().w();
        } catch (ParseException unused) {
            return new Date();
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        J9 j9 = this.entries.get(str);
        if (j9 == null) {
            return null;
        }
        if (j9.n().equals(PRIVATE_KEY) || j9.n().equals(PROTECTED_PRIVATE_KEY)) {
            PrivateKey privateKey = this.privateKeyCache.get(str);
            if (privateKey != null) {
                return privateKey;
            }
            D5 k = D5.k(C5.k(j9.j()).j());
            try {
                C0404ub j = C0404ub.j(decryptData("PRIVATE_KEY_ENCRYPTION", k.j(), cArr, k.i()));
                PrivateKey generatePrivate = this.helper.h(getPublicKeyAlg(j.k().i())).generatePrivate(new PKCS8EncodedKeySpec(j.getEncoded()));
                this.privateKeyCache.put(str, generatePrivate);
                return generatePrivate;
            } catch (Exception e) {
                throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover private key (" + str + "): " + e.getMessage());
            }
        }
        if (!j9.n().equals(SECRET_KEY) && !j9.n().equals(PROTECTED_SECRET_KEY)) {
            throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + str + "): type not recognized");
        }
        E5 j2 = E5.j(j9.j());
        try {
            Ef i = Ef.i(decryptData("SECRET_KEY_ENCRYPTION", j2.k(), cArr, j2.i()));
            return this.helper.f(i.j().x()).generateSecret(new SecretKeySpec(i.k(), i.j().x()));
        } catch (Exception e2) {
            throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + str + "): " + e2.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        J9 j9 = this.entries.get(str);
        if (j9 != null) {
            return j9.n().equals(CERTIFICATE);
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        J9 j9 = this.entries.get(str);
        if (j9 == null) {
            return false;
        }
        BigInteger n = j9.n();
        return n.equals(PRIVATE_KEY) || n.equals(SECRET_KEY) || n.equals(PROTECTED_PRIVATE_KEY) || n.equals(PROTECTED_SECRET_KEY);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) {
        C0161i0 l;
        M9 j;
        this.entries.clear();
        this.privateKeyCache.clear();
        this.creationDate = null;
        this.lastModifiedDate = null;
        this.hmacAlgorithm = null;
        if (inputStream == null) {
            Date date = new Date();
            this.creationDate = date;
            this.lastModifiedDate = date;
            this.verificationKey = null;
            this.hmacAlgorithm = new C0161i0(InterfaceC0328qa.P, C0453x3.O3);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(InterfaceC0328qa.A, 64);
            return;
        }
        try {
            L9 i = L9.i(new C0354s(inputStream).j());
            N9 j2 = i.j();
            if (j2.k() == 0) {
                Ta i2 = Ta.i(j2.j());
                this.hmacAlgorithm = i2.k();
                this.hmacPkbdAlgorithm = i2.l();
                l = this.hmacAlgorithm;
                try {
                    verifyMac(i.k().d().getEncoded(), i2, cArr);
                } catch (NoSuchProviderException e) {
                    throw new IOException(e.getMessage());
                }
            } else {
                if (j2.k() != 1) {
                    throw new IOException("BCFKS KeyStore unable to recognize integrity check.");
                }
                Rf j3 = Rf.j(j2.j());
                l = j3.l();
                try {
                    j3.i();
                    verifySig(i.k(), j3, this.verificationKey);
                } catch (GeneralSecurityException e2) {
                    throw new IOException("error verifying signature: " + e2.getMessage(), e2);
                }
            }
            InterfaceC0178j k = i.k();
            if (k instanceof B5) {
                B5 b5 = (B5) k;
                j = M9.j(decryptData("STORE_ENCRYPTION", b5.j(), cArr, b5.i().v()));
            } else {
                j = M9.j(k);
            }
            try {
                this.creationDate = j.i().w();
                this.lastModifiedDate = j.l().w();
                if (!j.k().equals(l)) {
                    throw new IOException("BCFKS KeyStore storeData integrity algorithm does not match store integrity algorithm.");
                }
                Iterator<InterfaceC0178j> it = j.m().iterator();
                while (it.hasNext()) {
                    J9 l2 = J9.l(it.next());
                    this.entries.put(l2.k(), l2);
                }
            } catch (ParseException unused) {
                throw new IOException("BCFKS KeyStore unable to parse store data information.");
            }
        } catch (Exception e3) {
            throw new IOException(e3.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) {
        if (loadStoreParameter == null) {
            engineLoad(null, null);
            return;
        }
        if (!(loadStoreParameter instanceof K0)) {
            if (loadStoreParameter instanceof V0) {
                engineLoad(((V0) loadStoreParameter).a(), ParameterUtil.extractPassword(loadStoreParameter));
                return;
            }
            throw new IllegalArgumentException("no support for 'parameter' of type " + loadStoreParameter.getClass().getName());
        }
        K0 k0 = (K0) loadStoreParameter;
        char[] extractPassword = ParameterUtil.extractPassword(k0);
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(k0.g(), 64);
        this.storeEncryptionAlgorithm = k0.e() == K0.b.AES256_CCM ? R8.V : R8.W;
        this.hmacAlgorithm = k0.f() == K0.c.HmacSHA512 ? new C0161i0(InterfaceC0328qa.P, C0453x3.O3) : new C0161i0(R8.r, C0453x3.O3);
        this.verificationKey = (PublicKey) k0.i();
        k0.c();
        this.signatureAlgorithm = generateSignatureAlgId(this.verificationKey, k0.h());
        C0468y c0468y = this.storeEncryptionAlgorithm;
        InputStream a = k0.a();
        engineLoad(a, extractPassword);
        if (a != null) {
            if (!isSimilarHmacPbkd(k0.g(), this.hmacPkbdAlgorithm) || !c0468y.o(this.storeEncryptionAlgorithm)) {
                throw new IOException("configuration parameters do not match existing store");
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        Date date;
        J9 j9 = this.entries.get(str);
        Date date2 = new Date();
        if (j9 == null) {
            date = date2;
        } else {
            if (!j9.n().equals(CERTIFICATE)) {
                throw new KeyStoreException("BCFKS KeyStore already has a key entry with alias " + str);
            }
            date = extractCreationDate(j9, date2);
        }
        try {
            this.entries.put(str, new J9(CERTIFICATE, str, date, date2, certificate.getEncoded(), null));
            this.lastModifiedDate = date2;
        } catch (CertificateEncodingException e) {
            throw new ExtKeyStoreException("BCFKS KeyStore unable to handle certificate: " + e.getMessage(), e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        Ef ef;
        E5 e5;
        D5 d5;
        Date date = new Date();
        J9 j9 = this.entries.get(str);
        Date extractCreationDate = j9 != null ? extractCreationDate(j9, date) : date;
        this.privateKeyCache.remove(str);
        if (key instanceof PrivateKey) {
            if (certificateArr == null) {
                throw new KeyStoreException("BCFKS KeyStore requires a certificate chain for private key storage.");
            }
            try {
                byte[] encoded = key.getEncoded();
                J7 generatePkbdAlgorithmIdentifier = generatePkbdAlgorithmIdentifier(InterfaceC0328qa.A, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey = generateKey(generatePkbdAlgorithmIdentifier, "PRIVATE_KEY_ENCRYPTION", cArr, 32);
                C0468y c0468y = this.storeEncryptionAlgorithm;
                C0468y c0468y2 = R8.V;
                if (c0468y.o(c0468y2)) {
                    Cipher createCipher = createCipher("AES/CCM/NoPadding", generateKey);
                    d5 = new D5(new C0161i0(InterfaceC0328qa.B, new C0057ca(generatePkbdAlgorithmIdentifier, new F5(c0468y2, C0030b2.i(createCipher.getParameters().getEncoded())))), createCipher.doFinal(encoded));
                } else {
                    d5 = new D5(new C0161i0(InterfaceC0328qa.B, new C0057ca(generatePkbdAlgorithmIdentifier, new F5(R8.W))), createCipher("AESKWP", generateKey).doFinal(encoded));
                }
                this.entries.put(str, new J9(PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(d5, certificateArr).getEncoded(), null));
            } catch (Exception e) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e.toString(), e);
            }
        } else {
            if (!(key instanceof SecretKey)) {
                throw new KeyStoreException("BCFKS KeyStore unable to recognize key.");
            }
            if (certificateArr != null) {
                throw new KeyStoreException("BCFKS KeyStore cannot store certificate chain with secret key.");
            }
            try {
                byte[] encoded2 = key.getEncoded();
                J7 generatePkbdAlgorithmIdentifier2 = generatePkbdAlgorithmIdentifier(InterfaceC0328qa.A, 32);
                if (cArr == null) {
                    cArr = new char[0];
                }
                byte[] generateKey2 = generateKey(generatePkbdAlgorithmIdentifier2, "SECRET_KEY_ENCRYPTION", cArr, 32);
                String k = C0120fg.k(key.getAlgorithm());
                if (k.indexOf("AES") > -1) {
                    ef = new Ef(R8.w, encoded2);
                } else {
                    Map<String, C0468y> map = oidMap;
                    C0468y c0468y3 = map.get(k);
                    if (c0468y3 != null) {
                        ef = new Ef(c0468y3, encoded2);
                    } else {
                        C0468y c0468y4 = map.get(k + "." + (encoded2.length * 8));
                        if (c0468y4 == null) {
                            throw new KeyStoreException("BCFKS KeyStore cannot recognize secret key (" + k + ") for storage.");
                        }
                        ef = new Ef(c0468y4, encoded2);
                    }
                }
                C0468y c0468y5 = this.storeEncryptionAlgorithm;
                C0468y c0468y6 = R8.V;
                if (c0468y5.o(c0468y6)) {
                    Cipher createCipher2 = createCipher("AES/CCM/NoPadding", generateKey2);
                    e5 = new E5(new C0161i0(InterfaceC0328qa.B, new C0057ca(generatePkbdAlgorithmIdentifier2, new F5(c0468y6, C0030b2.i(createCipher2.getParameters().getEncoded())))), createCipher2.doFinal(ef.getEncoded()));
                } else {
                    e5 = new E5(new C0161i0(InterfaceC0328qa.B, new C0057ca(generatePkbdAlgorithmIdentifier2, new F5(R8.W))), createCipher("AESKWP", generateKey2).doFinal(ef.getEncoded()));
                }
                this.entries.put(str, new J9(SECRET_KEY, str, extractCreationDate, date, e5.getEncoded(), null));
            } catch (Exception e2) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e2.toString(), e2);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        Date date = new Date();
        J9 j9 = this.entries.get(str);
        Date extractCreationDate = j9 != null ? extractCreationDate(j9, date) : date;
        if (certificateArr != null) {
            try {
                D5 k = D5.k(bArr);
                try {
                    this.privateKeyCache.remove(str);
                    this.entries.put(str, new J9(PROTECTED_PRIVATE_KEY, str, extractCreationDate, date, createPrivateKeySequence(k, certificateArr).getEncoded(), null));
                } catch (Exception e) {
                    throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e.toString(), e);
                }
            } catch (Exception e2) {
                throw new ExtKeyStoreException("BCFKS KeyStore private key encoding must be an EncryptedPrivateKeyInfo.", e2);
            }
        } else {
            try {
                this.entries.put(str, new J9(PROTECTED_SECRET_KEY, str, extractCreationDate, date, bArr, null));
            } catch (Exception e3) {
                throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e3.toString(), e3);
            }
        }
        this.lastModifiedDate = date;
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.entries.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        J7 j7;
        BigInteger k;
        if (this.creationDate == null) {
            throw new IOException("KeyStore not initialized");
        }
        B5 encryptedObjectStoreData = getEncryptedObjectStoreData(this.hmacAlgorithm, cArr);
        if (J8.O.o(this.hmacPkbdAlgorithm.i())) {
            Hd k2 = Hd.k(this.hmacPkbdAlgorithm.k());
            j7 = this.hmacPkbdAlgorithm;
            k = k2.l();
        } else {
            C0114fa i = C0114fa.i(this.hmacPkbdAlgorithm.k());
            j7 = this.hmacPkbdAlgorithm;
            k = i.k();
        }
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(j7, k.intValue());
        try {
            outputStream.write(new L9(encryptedObjectStoreData, new N9(new Ta(this.hmacAlgorithm, this.hmacPkbdAlgorithm, calculateMac(encryptedObjectStoreData.getEncoded(), this.hmacAlgorithm, this.hmacPkbdAlgorithm, cArr)))).getEncoded());
            outputStream.flush();
        } catch (NoSuchProviderException e) {
            throw new IOException("cannot calculate mac: " + e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) {
        Rf rf;
        if (loadStoreParameter == null) {
            throw new IllegalArgumentException("'parameter' arg cannot be null");
        }
        if (loadStoreParameter instanceof L0) {
            L0 l0 = (L0) loadStoreParameter;
            char[] extractPassword = ParameterUtil.extractPassword(loadStoreParameter);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(l0.b(), 64);
            engineStore(l0.a(), extractPassword);
            return;
        }
        if (!(loadStoreParameter instanceof K0)) {
            if (loadStoreParameter instanceof V0) {
                engineStore(((V0) loadStoreParameter).b(), ParameterUtil.extractPassword(loadStoreParameter));
                return;
            }
            throw new IllegalArgumentException("no support for 'parameter' of type " + loadStoreParameter.getClass().getName());
        }
        K0 k0 = (K0) loadStoreParameter;
        if (k0.i() == null) {
            char[] extractPassword2 = ParameterUtil.extractPassword(k0);
            this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(k0.g(), 64);
            this.storeEncryptionAlgorithm = k0.e() == K0.b.AES256_CCM ? R8.V : R8.W;
            this.hmacAlgorithm = k0.f() == K0.c.HmacSHA512 ? new C0161i0(InterfaceC0328qa.P, C0453x3.O3) : new C0161i0(R8.r, C0453x3.O3);
            engineStore(k0.b(), extractPassword2);
            return;
        }
        this.signatureAlgorithm = generateSignatureAlgId(k0.i(), k0.h());
        this.hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(k0.g(), 64);
        this.storeEncryptionAlgorithm = k0.e() == K0.b.AES256_CCM ? R8.V : R8.W;
        this.hmacAlgorithm = k0.f() == K0.c.HmacSHA512 ? new C0161i0(InterfaceC0328qa.P, C0453x3.O3) : new C0161i0(R8.r, C0453x3.O3);
        B5 encryptedObjectStoreData = getEncryptedObjectStoreData(this.signatureAlgorithm, ParameterUtil.extractPassword(k0));
        try {
            Signature a = this.helper.a(this.signatureAlgorithm.i().x());
            a.initSign((PrivateKey) k0.i());
            a.update(encryptedObjectStoreData.getEncoded());
            X509Certificate[] d = k0.d();
            if (d != null) {
                int length = d.length;
                C0395u2[] c0395u2Arr = new C0395u2[length];
                for (int i = 0; i != length; i++) {
                    c0395u2Arr[i] = C0395u2.j(d[i].getEncoded());
                }
                rf = new Rf(this.signatureAlgorithm, c0395u2Arr, a.sign());
            } else {
                rf = new Rf(this.signatureAlgorithm, a.sign());
            }
            k0.b().write(new L9(encryptedObjectStoreData, new N9(rf)).getEncoded());
            k0.b().flush();
        } catch (GeneralSecurityException e) {
            throw new IOException("error creating signature: " + e.getMessage(), e);
        }
    }
}
