package com.sun.crypto.provider;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.security.AccessController;
import java.security.DigestInputStream;
import java.security.DigestOutputStream;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Locale;
import javax.crypto.SealedObject;
import sun.misc.ObjectInputFilter;

/* loaded from: classes2.dex */
public final class JceKeyStore extends KeyStoreSpi {
    private static final int JCEKS_MAGIC = -825307442;
    private static final int JKS_MAGIC = -17957139;
    private static final int VERSION_1 = 1;
    private static final int VERSION_2 = 2;
    private Hashtable<String, Object> entries = new Hashtable<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class DeserializationChecker implements ObjectInputFilter {
        private static final int MAX_NESTED_DEPTH = 2;

        private DeserializationChecker() {
        }

        public ObjectInputFilter.Status checkInput(ObjectInputFilter.FilterInfo filterInfo) {
            long depth = filterInfo.depth();
            if ((depth == 1 && filterInfo.serialClass() != SealedObjectForKeyProtector.class) || (depth > 2 && filterInfo.serialClass() != null && filterInfo.serialClass() != Object.class)) {
                return ObjectInputFilter.Status.REJECTED;
            }
            ObjectInputFilter serialFilter = ObjectInputFilter.Config.getSerialFilter();
            return serialFilter != null ? serialFilter.checkInput(filterInfo) : ObjectInputFilter.Status.UNDECIDED;
        }
    }

    /* loaded from: classes2.dex */
    private static final class PrivateKeyEntry {
        Certificate[] chain;
        Date date;
        byte[] protectedKey;

        private PrivateKeyEntry() {
        }
    }

    /* loaded from: classes2.dex */
    private static final class SecretKeyEntry {
        Date date;
        SealedObject sealedKey;

        private SecretKeyEntry() {
        }
    }

    /* loaded from: classes2.dex */
    private static final class TrustedCertEntry {
        Certificate cert;
        Date date;

        private TrustedCertEntry() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ Void a(ObjectInputStream objectInputStream) {
        ObjectInputFilter.Config.setObjectInputFilter(objectInputStream, new DeserializationChecker());
        return null;
    }

    private MessageDigest getPreKeyedHash(char[] cArr) {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA");
        byte[] bArr = new byte[cArr.length * 2];
        int i = 0;
        for (int i2 = 0; i2 < cArr.length; i2++) {
            int i3 = i + 1;
            bArr[i] = (byte) (cArr[i2] >> '\b');
            i = i3 + 1;
            bArr[i3] = (byte) cArr[i2];
        }
        messageDigest.update(bArr);
        for (int i4 = 0; i4 < bArr.length; i4++) {
            bArr[i4] = 0;
        }
        messageDigest.update("Mighty Aphrodite".getBytes("UTF8"));
        return messageDigest;
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        return this.entries.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.entries.containsKey(str.toLowerCase(Locale.ENGLISH));
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        synchronized (this.entries) {
            this.entries.remove(str.toLowerCase(Locale.ENGLISH));
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        Certificate[] certificateArr;
        Object obj = this.entries.get(str.toLowerCase(Locale.ENGLISH));
        if (obj != null) {
            if (obj instanceof TrustedCertEntry) {
                return ((TrustedCertEntry) obj).cert;
            }
            if ((obj instanceof PrivateKeyEntry) && (certificateArr = ((PrivateKeyEntry) obj).chain) != null) {
                return certificateArr[0];
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Certificate certificate2;
        Certificate[] certificateArr;
        Enumeration<String> keys = this.entries.keys();
        while (keys.hasMoreElements()) {
            String nextElement = keys.nextElement();
            Object obj = this.entries.get(nextElement);
            if (obj instanceof TrustedCertEntry) {
                certificate2 = ((TrustedCertEntry) obj).cert;
            } else if ((obj instanceof PrivateKeyEntry) && (certificateArr = ((PrivateKeyEntry) obj).chain) != null) {
                certificate2 = certificateArr[0];
            }
            if (certificate2.equals(certificate)) {
                return nextElement;
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        Certificate[] certificateArr;
        Object obj = this.entries.get(str.toLowerCase(Locale.ENGLISH));
        if (!(obj instanceof PrivateKeyEntry) || (certificateArr = ((PrivateKeyEntry) obj).chain) == null) {
            return null;
        }
        return (Certificate[]) certificateArr.clone();
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        Object obj = this.entries.get(str.toLowerCase(Locale.ENGLISH));
        if (obj != null) {
            return obj instanceof TrustedCertEntry ? new Date(((TrustedCertEntry) obj).date.getTime()) : obj instanceof PrivateKeyEntry ? new Date(((PrivateKeyEntry) obj).date.getTime()) : new Date(((SecretKeyEntry) obj).date.getTime());
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        Object obj = this.entries.get(str.toLowerCase(Locale.ENGLISH));
        boolean z = obj instanceof PrivateKeyEntry;
        if (!z && !(obj instanceof SecretKeyEntry)) {
            return null;
        }
        KeyProtector keyProtector = new KeyProtector(cArr);
        if (!z) {
            return keyProtector.unseal(((SecretKeyEntry) obj).sealedKey);
        }
        try {
            return keyProtector.recover(new EncryptedPrivateKeyInfo(((PrivateKeyEntry) obj).protectedKey));
        } catch (IOException unused) {
            throw new UnrecoverableKeyException("Private key not stored as PKCS #8 EncryptedPrivateKeyInfo");
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return this.entries.get(str.toLowerCase(Locale.ENGLISH)) instanceof TrustedCertEntry;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        Object obj = this.entries.get(str.toLowerCase(Locale.ENGLISH));
        return (obj instanceof PrivateKeyEntry) || (obj instanceof SecretKeyEntry);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r13v2, types: [com.sun.crypto.provider.JceKeyStore$TrustedCertEntry] */
    /* JADX WARN: Type inference failed for: r13v3, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r13v4, types: [com.sun.crypto.provider.JceKeyStore$PrivateKeyEntry] */
    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) {
        DataInputStream dataInputStream;
        MessageDigest messageDigest;
        Hashtable hashtable;
        CertificateFactory certificateFactory;
        int i;
        AnonymousClass1 anonymousClass1;
        MessageDigest messageDigest2;
        ?? trustedCertEntry;
        String readUTF;
        synchronized (this.entries) {
            try {
                if (inputStream == null) {
                    return;
                }
                ObjectInputStream objectInputStream = null;
                AnonymousClass1 anonymousClass12 = null;
                objectInputStream = null;
                if (cArr != null) {
                    messageDigest = getPreKeyedHash(cArr);
                    dataInputStream = new DataInputStream(new DigestInputStream(inputStream, messageDigest));
                } else {
                    dataInputStream = new DataInputStream(inputStream);
                    messageDigest = null;
                }
                try {
                    int readInt = dataInputStream.readInt();
                    int readInt2 = dataInputStream.readInt();
                    try {
                        if (readInt == JCEKS_MAGIC || readInt == JKS_MAGIC) {
                            int i2 = 1;
                            if (readInt2 == 1 || readInt2 == 2) {
                                if (readInt2 == 1) {
                                    certificateFactory = CertificateFactory.getInstance("X509");
                                    hashtable = null;
                                } else {
                                    hashtable = new Hashtable(3);
                                    certificateFactory = null;
                                }
                                this.entries.clear();
                                int readInt3 = dataInputStream.readInt();
                                ObjectInputStream objectInputStream2 = null;
                                CertificateFactory certificateFactory2 = certificateFactory;
                                int i3 = 0;
                                while (i3 < readInt3) {
                                    try {
                                        int readInt4 = dataInputStream.readInt();
                                        if (readInt4 == i2) {
                                            trustedCertEntry = new PrivateKeyEntry();
                                            readUTF = dataInputStream.readUTF();
                                            i = i3;
                                            trustedCertEntry.date = new Date(dataInputStream.readLong());
                                            try {
                                                trustedCertEntry.protectedKey = new byte[dataInputStream.readInt()];
                                                dataInputStream.readFully(trustedCertEntry.protectedKey);
                                                int readInt5 = dataInputStream.readInt();
                                                if (readInt5 > 0) {
                                                    try {
                                                        trustedCertEntry.chain = new Certificate[readInt5];
                                                    } catch (OutOfMemoryError unused) {
                                                        throw new IOException("Too many certificates in chain");
                                                    }
                                                }
                                                for (int i4 = 0; i4 < readInt5; i4++) {
                                                    if (readInt2 == 2) {
                                                        String readUTF2 = dataInputStream.readUTF();
                                                        if (hashtable.containsKey(readUTF2)) {
                                                            certificateFactory2 = (CertificateFactory) hashtable.get(readUTF2);
                                                        } else {
                                                            certificateFactory2 = CertificateFactory.getInstance(readUTF2);
                                                            hashtable.put(readUTF2, certificateFactory2);
                                                        }
                                                    }
                                                    try {
                                                        byte[] bArr = new byte[dataInputStream.readInt()];
                                                        dataInputStream.readFully(bArr);
                                                        trustedCertEntry.chain[i4] = certificateFactory2.generateCertificate(new ByteArrayInputStream(bArr));
                                                    } catch (OutOfMemoryError unused2) {
                                                        throw new IOException("Certificate too big");
                                                    }
                                                }
                                                this.entries.put(readUTF, trustedCertEntry);
                                                messageDigest2 = messageDigest;
                                                anonymousClass1 = null;
                                            } catch (OutOfMemoryError unused3) {
                                                throw new IOException("Keysize too big");
                                            }
                                        } else {
                                            i = i3;
                                            if (readInt4 == 2) {
                                                trustedCertEntry = new TrustedCertEntry();
                                                readUTF = dataInputStream.readUTF();
                                                trustedCertEntry.date = new Date(dataInputStream.readLong());
                                                if (readInt2 == 2) {
                                                    String readUTF3 = dataInputStream.readUTF();
                                                    if (hashtable.containsKey(readUTF3)) {
                                                        certificateFactory2 = (CertificateFactory) hashtable.get(readUTF3);
                                                    } else {
                                                        certificateFactory2 = CertificateFactory.getInstance(readUTF3);
                                                        hashtable.put(readUTF3, certificateFactory2);
                                                    }
                                                }
                                                try {
                                                    byte[] bArr2 = new byte[dataInputStream.readInt()];
                                                    dataInputStream.readFully(bArr2);
                                                    trustedCertEntry.cert = certificateFactory2.generateCertificate(new ByteArrayInputStream(bArr2));
                                                    this.entries.put(readUTF, trustedCertEntry);
                                                    messageDigest2 = messageDigest;
                                                    anonymousClass1 = null;
                                                } catch (OutOfMemoryError unused4) {
                                                    throw new IOException("Certificate too big");
                                                }
                                            } else {
                                                if (readInt4 != 3) {
                                                    throw new IOException("Unrecognized keystore entry");
                                                }
                                                anonymousClass1 = null;
                                                SecretKeyEntry secretKeyEntry = new SecretKeyEntry();
                                                String readUTF4 = dataInputStream.readUTF();
                                                messageDigest2 = messageDigest;
                                                secretKeyEntry.date = new Date(dataInputStream.readLong());
                                                try {
                                                    final ObjectInputStream objectInputStream3 = new ObjectInputStream(dataInputStream);
                                                    try {
                                                        AccessController.doPrivileged(new PrivilegedAction() { // from class: com.sun.crypto.provider.-$$Lambda$JceKeyStore$5VqYEh8MXAo9c17-znSyY37bKqE
                                                            @Override // java.security.PrivilegedAction
                                                            public final Object run() {
                                                                Void a;
                                                                a = JceKeyStore.a(objectInputStream3);
                                                                return a;
                                                            }
                                                        });
                                                        secretKeyEntry.sealedKey = (SealedObject) objectInputStream3.readObject();
                                                        this.entries.put(readUTF4, secretKeyEntry);
                                                        objectInputStream2 = objectInputStream3;
                                                    } catch (InvalidClassException unused5) {
                                                        throw new IOException("Invalid secret key format");
                                                    } catch (ClassNotFoundException e) {
                                                        e = e;
                                                        throw new IOException(e.getMessage());
                                                    }
                                                } catch (InvalidClassException unused6) {
                                                } catch (ClassNotFoundException e2) {
                                                    e = e2;
                                                }
                                            }
                                        }
                                        i3 = i + 1;
                                        anonymousClass12 = anonymousClass1;
                                        messageDigest = messageDigest2;
                                        i2 = 1;
                                    } catch (Throwable th) {
                                        th = th;
                                        objectInputStream = objectInputStream2;
                                        if (objectInputStream != null) {
                                            objectInputStream.close();
                                        } else {
                                            dataInputStream.close();
                                        }
                                        throw th;
                                    }
                                }
                                MessageDigest messageDigest3 = messageDigest;
                                if (cArr != null) {
                                    byte[] digest = messageDigest3.digest();
                                    byte[] bArr3 = new byte[digest.length];
                                    dataInputStream.readFully(bArr3);
                                    for (int i5 = 0; i5 < digest.length; i5++) {
                                        if (digest[i5] != bArr3[i5]) {
                                            throw new IOException("Keystore was tampered with, or password was incorrect", new UnrecoverableKeyException("Password verification failed"));
                                        }
                                    }
                                }
                                if (objectInputStream2 != null) {
                                    objectInputStream2.close();
                                } else {
                                    dataInputStream.close();
                                }
                                return;
                            }
                        }
                        throw new IOException("Invalid keystore format");
                    } catch (Throwable th2) {
                        th = th2;
                    }
                } catch (Throwable th3) {
                    th = th3;
                }
            } finally {
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        synchronized (this.entries) {
            Object obj = this.entries.get(str.toLowerCase(Locale.ENGLISH));
            if (obj != null) {
                if (obj instanceof PrivateKeyEntry) {
                    throw new KeyStoreException("Cannot overwrite own certificate");
                }
                if (obj instanceof SecretKeyEntry) {
                    throw new KeyStoreException("Cannot overwrite secret key");
                }
            }
            TrustedCertEntry trustedCertEntry = new TrustedCertEntry();
            trustedCertEntry.cert = certificate;
            trustedCertEntry.date = new Date();
            this.entries.put(str.toLowerCase(Locale.ENGLISH), trustedCertEntry);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) {
        Hashtable<String, Object> hashtable;
        String lowerCase;
        SecretKeyEntry secretKeyEntry;
        synchronized (this.entries) {
            try {
                try {
                    KeyProtector keyProtector = new KeyProtector(cArr);
                    if (key instanceof PrivateKey) {
                        PrivateKeyEntry privateKeyEntry = new PrivateKeyEntry();
                        privateKeyEntry.date = new Date();
                        privateKeyEntry.protectedKey = keyProtector.protect((PrivateKey) key);
                        if (certificateArr == null || certificateArr.length == 0) {
                            privateKeyEntry.chain = null;
                        } else {
                            privateKeyEntry.chain = (Certificate[]) certificateArr.clone();
                        }
                        hashtable = this.entries;
                        lowerCase = str.toLowerCase(Locale.ENGLISH);
                        secretKeyEntry = privateKeyEntry;
                    } else {
                        SecretKeyEntry secretKeyEntry2 = new SecretKeyEntry();
                        secretKeyEntry2.date = new Date();
                        secretKeyEntry2.sealedKey = keyProtector.seal(key);
                        hashtable = this.entries;
                        lowerCase = str.toLowerCase(Locale.ENGLISH);
                        secretKeyEntry = secretKeyEntry2;
                    }
                    hashtable.put(lowerCase, secretKeyEntry);
                } catch (Exception e) {
                    throw new KeyStoreException(e.getMessage());
                }
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        synchronized (this.entries) {
            PrivateKeyEntry privateKeyEntry = new PrivateKeyEntry();
            privateKeyEntry.date = new Date();
            privateKeyEntry.protectedKey = (byte[]) bArr.clone();
            if (certificateArr == null || certificateArr.length == 0) {
                privateKeyEntry.chain = null;
            } else {
                privateKeyEntry.chain = (Certificate[]) certificateArr.clone();
            }
            this.entries.put(str.toLowerCase(Locale.ENGLISH), privateKeyEntry);
        }
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.entries.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        ObjectOutputStream objectOutputStream;
        Throwable th;
        synchronized (this.entries) {
            if (cArr == null) {
                throw new IllegalArgumentException("password can't be null");
            }
            MessageDigest preKeyedHash = getPreKeyedHash(cArr);
            DataOutputStream dataOutputStream = new DataOutputStream(new DigestOutputStream(outputStream, preKeyedHash));
            ObjectOutputStream objectOutputStream2 = null;
            try {
                dataOutputStream.writeInt(JCEKS_MAGIC);
                dataOutputStream.writeInt(2);
                dataOutputStream.writeInt(this.entries.size());
                Enumeration<String> keys = this.entries.keys();
                while (keys.hasMoreElements()) {
                    String nextElement = keys.nextElement();
                    Object obj = this.entries.get(nextElement);
                    if (obj instanceof PrivateKeyEntry) {
                        PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry) obj;
                        dataOutputStream.writeInt(1);
                        dataOutputStream.writeUTF(nextElement);
                        dataOutputStream.writeLong(privateKeyEntry.date.getTime());
                        dataOutputStream.writeInt(privateKeyEntry.protectedKey.length);
                        dataOutputStream.write(privateKeyEntry.protectedKey);
                        int length = privateKeyEntry.chain == null ? 0 : privateKeyEntry.chain.length;
                        dataOutputStream.writeInt(length);
                        for (int i = 0; i < length; i++) {
                            byte[] encoded = privateKeyEntry.chain[i].getEncoded();
                            dataOutputStream.writeUTF(privateKeyEntry.chain[i].getType());
                            dataOutputStream.writeInt(encoded.length);
                            dataOutputStream.write(encoded);
                        }
                    } else if (obj instanceof TrustedCertEntry) {
                        dataOutputStream.writeInt(2);
                        dataOutputStream.writeUTF(nextElement);
                        dataOutputStream.writeLong(((TrustedCertEntry) obj).date.getTime());
                        byte[] encoded2 = ((TrustedCertEntry) obj).cert.getEncoded();
                        dataOutputStream.writeUTF(((TrustedCertEntry) obj).cert.getType());
                        dataOutputStream.writeInt(encoded2.length);
                        dataOutputStream.write(encoded2);
                    } else {
                        dataOutputStream.writeInt(3);
                        dataOutputStream.writeUTF(nextElement);
                        dataOutputStream.writeLong(((SecretKeyEntry) obj).date.getTime());
                        objectOutputStream = new ObjectOutputStream(dataOutputStream);
                        try {
                            objectOutputStream.writeObject(((SecretKeyEntry) obj).sealedKey);
                            objectOutputStream2 = objectOutputStream;
                        } catch (Throwable th2) {
                            th = th2;
                            if (objectOutputStream != null) {
                                objectOutputStream.close();
                            } else {
                                dataOutputStream.close();
                            }
                            throw th;
                        }
                    }
                }
                dataOutputStream.write(preKeyedHash.digest());
                dataOutputStream.flush();
                if (objectOutputStream2 != null) {
                    objectOutputStream2.close();
                } else {
                    dataOutputStream.close();
                }
            } catch (Throwable th3) {
                objectOutputStream = objectOutputStream2;
                th = th3;
            }
        }
    }
}
