package iaik.pkcs.pkcs12;

import iaik.asn1.ASN1Object;
import iaik.asn1.CodingException;
import iaik.asn1.structures.AlgorithmID;
import iaik.pkcs.PKCSException;
import iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo;
import iaik.utils.CryptoUtils;
import iaik.utils.Util;
import iaik.x509.X509Certificate;
import iaik.x509.extensions.SubjectKeyIdentifier;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Random;
import java.util.Vector;

/* loaded from: input_file:iaik/pkcs/pkcs12/PKCS12KeyStore.class */
public class PKCS12KeyStore extends KeyStoreSpi {
    private Hashtable a = new Hashtable();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:iaik/pkcs/pkcs12/PKCS12KeyStore$a.class */
    public static class a {
        private PKCS8ShroudedKeyBag a;
        private X509Certificate[] b;
        private byte[] c;

        a(PKCS8ShroudedKeyBag pKCS8ShroudedKeyBag, X509Certificate[] x509CertificateArr, byte[] bArr) {
            this.a = pKCS8ShroudedKeyBag;
            this.b = x509CertificateArr;
            this.c = bArr;
        }

        public PKCS8ShroudedKeyBag a() {
            return this.a;
        }

        public X509Certificate[] b() {
            return this.b;
        }

        public byte[] c() {
            return this.c;
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        Principal subjectDN;
        this.a.clear();
        if (inputStream != null) {
            try {
                PKCS12 pkcs12 = new PKCS12(inputStream);
                if (!pkcs12.verify(cArr)) {
                    throw new IOException(this, "PKCS12 verification error, incorrect password") { // from class: iaik.pkcs.pkcs12.PKCS12KeyStore.1
                        private static final long serialVersionUID = -6777747744926386667L;
                        private final PKCS12KeyStore a;

                        {
                            this.a = this;
                        }

                        @Override // java.lang.Throwable
                        public Throwable getCause() {
                            return new UnrecoverableKeyException("PKCS12 verification error, incorrect password");
                        }
                    };
                }
                AuthenticatedSafe[] authenticatedSafes = pkcs12.getAuthenticatedSafes();
                Vector vector = new Vector();
                Vector vector2 = new Vector();
                for (int i = 0; i < authenticatedSafes.length; i++) {
                    if (authenticatedSafes[i].a() == 2) {
                        try {
                            authenticatedSafes[i].decrypt(cArr);
                            SafeBag[] safeBags = authenticatedSafes[i].getSafeBags();
                            for (int i2 = 0; i2 < safeBags.length; i2++) {
                                if (safeBags[i2] instanceof CertificateBag) {
                                    vector2.addElement(safeBags[i2]);
                                } else if (safeBags[i2] instanceof PKCS8ShroudedKeyBag) {
                                    try {
                                        ((PKCS8ShroudedKeyBag) safeBags[i2]).decrypt(cArr);
                                        ASN1Object aSN1Object = ((PKCS8ShroudedKeyBag) safeBags[i2]).toASN1Object();
                                        PKCS8ShroudedKeyBag pKCS8ShroudedKeyBag = new PKCS8ShroudedKeyBag();
                                        pKCS8ShroudedKeyBag.decode(aSN1Object);
                                        pKCS8ShroudedKeyBag.setFriendlyName(safeBags[i2].getFriendlyName());
                                        pKCS8ShroudedKeyBag.setLocalKeyID(safeBags[i2].getLocalKeyID());
                                        vector.addElement(pKCS8ShroudedKeyBag);
                                    } catch (CodingException e) {
                                        throw new CertificateException(e.toString());
                                    } catch (GeneralSecurityException e2) {
                                        throw new CertificateException(e2.toString());
                                    }
                                } else {
                                    continue;
                                }
                            }
                        } catch (Exception e3) {
                            throw new CertificateException(new StringBuffer().append("Decryption error: ").append(e3.toString()).toString());
                        }
                    } else {
                        SafeBag[] safeBags2 = authenticatedSafes[i].getSafeBags();
                        for (int i3 = 0; i3 < safeBags2.length; i3++) {
                            if (safeBags2[i3] instanceof PKCS8ShroudedKeyBag) {
                                vector.addElement(safeBags2[i3]);
                            }
                        }
                    }
                }
                PKCS8ShroudedKeyBag[] pKCS8ShroudedKeyBagArr = new PKCS8ShroudedKeyBag[vector.size()];
                vector.copyInto(pKCS8ShroudedKeyBagArr);
                CertificateBag[] certificateBagArr = new CertificateBag[vector2.size()];
                vector2.copyInto(certificateBagArr);
                X509Certificate[] certificates = CertificateBag.getCertificates(certificateBagArr);
                for (int i4 = 0; i4 < pKCS8ShroudedKeyBagArr.length; i4++) {
                    PKCS8ShroudedKeyBag pKCS8ShroudedKeyBag2 = pKCS8ShroudedKeyBagArr[i4];
                    CertificateBag certificateBag = null;
                    X509Certificate x509Certificate = null;
                    byte[] localKeyID = pKCS8ShroudedKeyBag2.getLocalKeyID();
                    if (localKeyID == null) {
                        throw new Exception("No localKeyID defined");
                    }
                    int i5 = 0;
                    while (true) {
                        try {
                            if (i5 >= certificateBagArr.length) {
                                break;
                            }
                            byte[] localKeyID2 = certificateBagArr[i5].getLocalKeyID();
                            if (localKeyID2 != null && CryptoUtils.equalsBlock(localKeyID2, localKeyID)) {
                                certificateBag = certificateBagArr[i5];
                                x509Certificate = certificateBag.getCertificate();
                                break;
                            }
                            i5++;
                        } catch (Exception e4) {
                            throw new CertificateException(e4.toString());
                        }
                    }
                    a aVar = new a(pKCS8ShroudedKeyBag2, x509Certificate != null ? Util.createCertificateChain(x509Certificate, certificates) : null, localKeyID);
                    String friendlyName = pKCS8ShroudedKeyBag2.getFriendlyName();
                    if (friendlyName == null && certificateBag != null) {
                        String friendlyName2 = certificateBag.getFriendlyName();
                        if (friendlyName2 != null) {
                            friendlyName = friendlyName2;
                        } else if (x509Certificate != null && (subjectDN = x509Certificate.getSubjectDN()) != null) {
                            friendlyName = subjectDN.getName();
                        }
                    }
                    if (friendlyName == null || this.a.containsKey(friendlyName)) {
                        friendlyName = Integer.toString(i4);
                        for (int i6 = i4; this.a.containsKey(friendlyName) && i6 < Integer.MAX_VALUE; i6++) {
                            friendlyName = Integer.toString(i6);
                        }
                    }
                    this.a.put(friendlyName, aVar);
                    throw new CertificateException(e4.toString());
                }
            } catch (PKCSException e5) {
                throw new IOException(e5.toString());
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return this.a.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str != null) {
            return this.a.containsKey(str);
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (str != null) {
            this.a.remove(str);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        Certificate[] engineGetCertificateChain = engineGetCertificateChain(str);
        if (engineGetCertificateChain != null) {
            return engineGetCertificateChain[0];
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration keys = this.a.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            Certificate[] engineGetCertificateChain = engineGetCertificateChain(str);
            if (engineGetCertificateChain.length > 0 && engineGetCertificateChain[0].equals(certificate)) {
                return str;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        if (engineContainsAlias(str)) {
            return ((a) this.a.get(str)).b();
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        if (!engineContainsAlias(str)) {
            return null;
        }
        a aVar = (a) this.a.get(str);
        try {
            return new Date(Long.parseLong(new String(aVar.c(), "ASCII")));
        } catch (UnsupportedEncodingException e) {
            throw new ProviderException(e.toString());
        } catch (NumberFormatException e2) {
            X509Certificate[] b = aVar.b();
            if (b == null || b.length <= 0) {
                return null;
            }
            return b[0].getNotBefore();
        }
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (!engineContainsAlias(str)) {
            return null;
        }
        try {
            ASN1Object aSN1Object = ((a) this.a.get(str)).a().toASN1Object();
            PKCS8ShroudedKeyBag pKCS8ShroudedKeyBag = new PKCS8ShroudedKeyBag();
            pKCS8ShroudedKeyBag.decode(aSN1Object);
            pKCS8ShroudedKeyBag.decrypt(cArr);
            PrivateKey privateKey = pKCS8ShroudedKeyBag.getPrivateKey();
            if (privateKey != null) {
                return privateKey;
            }
            return null;
        } catch (CodingException e) {
            throw new UnrecoverableKeyException(e.toString());
        } catch (GeneralSecurityException e2) {
            throw new UnrecoverableKeyException(e2.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        if (str != null) {
            return this.a.containsKey(str);
        }
        return false;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        if (str == null) {
            throw new NullPointerException("alias must not be null");
        }
        if (bArr == null) {
            throw new NullPointerException("key must not be null");
        }
        if (certificateArr == null) {
            throw new NullPointerException("chain must not be null");
        }
        if (certificateArr.length == 0) {
            throw new NullPointerException("chain must not be empty");
        }
        byte[] a2 = a(certificateArr[0], str);
        try {
            ASN1Object aSN1Object = new EncryptedPrivateKeyInfo(bArr).toASN1Object();
            PKCS8ShroudedKeyBag pKCS8ShroudedKeyBag = new PKCS8ShroudedKeyBag();
            pKCS8ShroudedKeyBag.decode(aSN1Object);
            pKCS8ShroudedKeyBag.setFriendlyName(str);
            pKCS8ShroudedKeyBag.setLocalKeyID(a2);
            this.a.put(str, new a(pKCS8ShroudedKeyBag, Util.convertCertificateChain(certificateArr), a2));
        } catch (CodingException e) {
            throw new KeyStoreException(e.toString());
        } catch (InvalidKeyException e2) {
            throw new KeyStoreException(e2.toString());
        } catch (CertificateException e3) {
            throw new KeyStoreException(e3.toString());
        }
    }

    private byte[] a(Certificate certificate, String str) {
        byte[] bArr = null;
        try {
            bArr = Long.toString(System.currentTimeMillis()).getBytes("ASCII");
        } catch (Exception e) {
        }
        if (bArr == null) {
            try {
                bArr = new SubjectKeyIdentifier(certificate.getPublicKey()).get();
            } catch (Exception e2) {
            }
        }
        if (bArr == null && str != null) {
            try {
                bArr = str.getBytes("UTF-8");
            } catch (UnsupportedEncodingException e3) {
                try {
                    bArr = str.getBytes("UTF8");
                } catch (UnsupportedEncodingException e4) {
                    bArr = str.getBytes();
                }
            }
        }
        if (bArr == null) {
            bArr = new byte[10];
            new Random().nextBytes(bArr);
        }
        return bArr;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        if (str == null) {
            throw new NullPointerException("alias must not be null!");
        }
        if (key == null) {
            throw new NullPointerException("key must not be null!");
        }
        if (certificateArr == null) {
            throw new NullPointerException("chain must not be null!");
        }
        byte[] a2 = a(certificateArr[0], str);
        try {
            KeyBag keyBag = new KeyBag((PrivateKey) key, str, a2);
            keyBag.setLocalKeyID(a2);
            PKCS8ShroudedKeyBag pKCS8ShroudedKeyBag = new PKCS8ShroudedKeyBag(keyBag);
            pKCS8ShroudedKeyBag.encrypt(cArr, (AlgorithmID) AlgorithmID.pbeWithSHAAnd3_KeyTripleDES_CBC.clone(), 2000);
            this.a.put(str, new a(pKCS8ShroudedKeyBag, Util.convertCertificateChain(certificateArr), a2));
        } catch (NoSuchAlgorithmException e) {
            throw new KeyStoreException(e.toString());
        } catch (CertificateException e2) {
            throw new KeyStoreException(e2.toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.a.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        Vector vector = new Vector(2);
        Vector vector2 = new Vector(4);
        Enumeration keys = this.a.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            a aVar = (a) this.a.get(str);
            vector.addElement(aVar.a());
            X509Certificate[] b = aVar.b();
            vector2.addElement(new CertificateBag(b[0], str, aVar.c()));
            for (int i = 1; i < b.length; i++) {
                vector2.addElement(new CertificateBag(b[i]));
            }
        }
        KeyBag[] keyBagArr = new KeyBag[vector.size()];
        vector.copyInto(keyBagArr);
        CertificateBag[] certificateBagArr = new CertificateBag[vector2.size()];
        vector2.copyInto(certificateBagArr);
        try {
            PKCS12 pkcs12 = new PKCS12(keyBagArr, certificateBagArr, true);
            pkcs12.encrypt(cArr);
            pkcs12.toASN1Object();
            pkcs12.writeTo(outputStream);
        } catch (PKCSException e) {
            throw new CertificateException(e.toString());
        }
    }
}
