package iaik.security.keystore;

import iaik.asn1.ASN1Object;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.UTF8String;
import iaik.asn1.structures.AlgorithmID;
import iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo;
import iaik.pkcs.pkcs8.PrivateKeyInfo;
import iaik.security.cipher.SecretKey;
import iaik.security.random.SecRandom;
import iaik.utils.CryptoUtils;
import iaik.utils.InternalErrorException;
import iaik.x509.X509Certificate;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: input_file:115766-09/SUNWamsci/reloc/SUNWam/lib/iaik_jce_full.jar:iaik/security/keystore/IAIKKeyStore.class */
public final class IAIKKeyStore extends KeyStoreSpi {
    private static final String k = "UTF8";
    private static final int q = 15;
    private static final int m = 14;
    private static final int h = 13;
    private static final int g = 12;
    private static final int j = 11;
    private static final int l = 10;
    private static final int o = 1;
    private static final int n = 0;
    private static final String i = "1.2.840.113549.1.5.9";
    private static final boolean p = false;
    private int f = 32;
    private int e = 20;
    private int c = 1000;
    private int a = 16;
    private SecureRandom b = SecRandom.getDefault();
    private Hashtable d = new Hashtable();

    private byte[] a(int i2, Key key, byte[] bArr) throws KeyStoreException {
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr, 24, 8);
            SecretKey secretKey = new SecretKey(bArr, 0, 24, "DESede");
            Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding", "IAIK");
            cipher.init(i2 == 0 ? 1 : 2, secretKey, ivParameterSpec, (SecureRandom) null);
            return cipher.doFinal(key.getEncoded());
        } catch (Exception e) {
            throw new KeyStoreException(new StringBuffer("Crypt failed: ").append(e.toString()).toString());
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    private iaik.security.cipher.SecretKey a(char[] r8, byte[] r9) {
        /*
            r7 = this;
            r0 = 0
            r10 = r0
            r0 = r8
            byte[] r0 = a(r0)
            r11 = r0
            r0 = 0
            r15 = r0
            java.lang.String r0 = "PBKDF2"
            java.lang.String r1 = "IAIK"
            javax.crypto.KeyGenerator r0 = javax.crypto.KeyGenerator.getInstance(r0, r1)     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            r15 = r0
            iaik.security.spec.PBEKeyAndParameterSpec r0 = new iaik.security.spec.PBEKeyAndParameterSpec     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            r1 = r0
            r2 = r11
            r3 = r9
            r4 = r7
            int r4 = r4.c     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            r5 = r7
            int r5 = r5.f     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            r1.<init>(r2, r3, r4, r5)     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            r10 = r0
            r0 = r15
            r1 = r10
            r2 = 0
            r0.init(r1, r2)     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            r0 = r15
            javax.crypto.SecretKey r0 = r0.generateKey()     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            iaik.security.cipher.SecretKey r0 = (iaik.security.cipher.SecretKey) r0     // Catch: java.lang.Exception -> L42 java.lang.Throwable -> L60
            r16 = r0
            r0 = r16
            r12 = r0
            r0 = jsr -> L68
        L3f:
            r1 = r12
            return r1
        L42:
            r15 = move-exception
            iaik.utils.InternalErrorException r0 = new iaik.utils.InternalErrorException     // Catch: java.lang.Throwable -> L60
            r1 = r0
            java.lang.StringBuffer r2 = new java.lang.StringBuffer     // Catch: java.lang.Throwable -> L60
            r3 = r2
            java.lang.String r4 = "Could not generate key: "
            r3.<init>(r4)     // Catch: java.lang.Throwable -> L60
            r3 = r15
            java.lang.String r3 = r3.toString()     // Catch: java.lang.Throwable -> L60
            java.lang.StringBuffer r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L60
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L60
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L60
            throw r0     // Catch: java.lang.Throwable -> L60
        L60:
            r13 = move-exception
            r0 = jsr -> L68
        L65:
            r1 = r13
            throw r1
        L68:
            r14 = r0
            r0 = r10
            if (r0 == 0) goto L8b
            r0 = r10
            byte[] r0 = r0.getPassword()
            r11 = r0
            r0 = 0
            r15 = r0
            goto L83
        L7a:
            r0 = r11
            r1 = r15
            r2 = 0
            r0[r1] = r2
            int r15 = r15 + 1
        L83:
            r0 = r15
            r1 = r11
            int r1 = r1.length
            if (r0 < r1) goto L7a
        L8b:
            ret r14
        */
        throw new UnsupportedOperationException("Method not decompiled: iaik.security.keystore.IAIKKeyStore.a(char[], byte[]):iaik.security.cipher.SecretKey");
    }

    private int a(SEQUENCE sequence) {
        int countComponents;
        if (sequence == null || (countComponents = sequence.countComponents()) > 3 || countComponents < 1) {
            return 10;
        }
        try {
            if (countComponents == 1) {
                return 11;
            }
            switch (((CON_SPEC) sequence.getComponentAt(1)).getAsnType().getTag()) {
                case 0:
                    return 12;
                case 1:
                    return 13;
                case 2:
                    return 14;
                case 3:
                    return 15;
                default:
                    return 10;
            }
        } catch (Exception unused) {
            return 10;
        }
    }

    private byte[] b() {
        byte[] bArr = new byte[this.a];
        this.b.nextBytes(bArr);
        return bArr;
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (cArr == null || cArr.length == 0) {
            throw new IOException("Password must be specified.");
        }
        byte[] b = b();
        SecretKey a = a(cArr, b);
        try {
            Mac mac = Mac.getInstance("HMAC/SHA", "IAIK");
            mac.init(a);
            SEQUENCE sequence = new SEQUENCE();
            Enumeration keys = this.d.keys();
            while (keys.hasMoreElements()) {
                String str = (String) keys.nextElement();
                OCTET_STRING octet_string = new OCTET_STRING(a(str));
                SEQUENCE sequence2 = new SEQUENCE();
                sequence2.addComponent(octet_string);
                sequence2.addComponent((ASN1Object) this.d.get(str));
                sequence.addComponent(sequence2);
            }
            mac.update(DerCoder.encode(sequence));
            ASN1Object a2 = a(b);
            byte[] doFinal = mac.doFinal(DerCoder.encode(a2));
            SEQUENCE sequence3 = new SEQUENCE();
            sequence3.addComponent(sequence);
            sequence3.addComponent(a2);
            sequence3.addComponent(new OCTET_STRING(doFinal));
            outputStream.write(DerCoder.encode(sequence3));
        } catch (Exception unused) {
            throw new NoSuchAlgorithmException("Could not initialize HMAC. ");
        }
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.d.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        if (str == null) {
            throw new KeyStoreException("Alias has to be specified. ");
        }
        if (bArr == null || bArr.length == 0) {
            throw new KeyStoreException("Key has to be specified. ");
        }
        SEQUENCE sequence = new SEQUENCE();
        sequence.addComponent(a());
        try {
            sequence.addComponent(new CON_SPEC(2, new EncryptedPrivateKeyInfo(bArr).toASN1Object(), false));
            SEQUENCE sequence2 = new SEQUENCE();
            if (certificateArr != null && certificateArr[0] != null) {
                for (Certificate certificate : certificateArr) {
                    try {
                        sequence2.addComponent(DerCoder.decode(certificate.getEncoded()));
                    } catch (Exception e) {
                        throw new InternalErrorException(new StringBuffer("Could not decode certificate: ").append(e.toString()).toString());
                    }
                }
                sequence.addComponent(new CON_SPEC(3, sequence2, false));
            }
            this.d.put(str, sequence);
        } catch (InvalidKeyException unused) {
            throw new KeyStoreException("Key is not a PKCS#8-EncryptedPrivateKeyInfo. ");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        boolean z;
        if (str == null) {
            throw new KeyStoreException("Alias has to be specified.");
        }
        if (key == null) {
            throw new KeyStoreException("Key has to be specified.");
        }
        if (key instanceof EncryptedPrivateKeyInfo) {
            z = 14;
        } else {
            if (cArr == null) {
                throw new KeyStoreException("Password has to be specified.");
            }
            if (key instanceof javax.crypto.SecretKey) {
                z = 12;
            } else {
                try {
                    PrivateKeyInfo.getPrivateKey(key.getEncoded());
                    z = 13;
                } catch (InvalidKeyException unused) {
                    throw new KeyStoreException("Unknown private key type.");
                }
            }
        }
        SEQUENCE sequence = new SEQUENCE();
        sequence.addComponent(a());
        if (z == 14) {
            sequence.addComponent(new CON_SPEC(2, ((EncryptedPrivateKeyInfo) key).toASN1Object(), false));
        } else {
            byte[] b = b();
            byte[] a = a(0, key, a(cArr, b).getEncoded());
            ASN1Object a2 = a(b);
            OCTET_STRING octet_string = new OCTET_STRING(a);
            SEQUENCE sequence2 = new SEQUENCE();
            sequence2.addComponent(a2);
            sequence2.addComponent(octet_string);
            if (z == 12) {
                sequence.addComponent(new CON_SPEC(0, sequence2, false));
            }
            if (z == 13) {
                sequence.addComponent(new CON_SPEC(1, sequence2, false));
            }
        }
        if (certificateArr != null && certificateArr[0] != null) {
            SEQUENCE sequence3 = new SEQUENCE();
            for (Certificate certificate : certificateArr) {
                try {
                    sequence3.addComponent(DerCoder.decode(certificate.getEncoded()));
                } catch (Exception e) {
                    throw new InternalErrorException(new StringBuffer("Could not encode certificate: ").append(e.toString()).toString());
                }
            }
            sequence.addComponent(new CON_SPEC(3, sequence3, false));
        }
        this.d.put(str, sequence);
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        if (str == null) {
            throw new KeyStoreException("Alias has to be specified.");
        }
        if (certificate == null) {
            throw new KeyStoreException("Certificate has to be specified.");
        }
        if (engineIsKeyEntry(str)) {
            throw new KeyStoreException("This alias is already used by a key.");
        }
        SEQUENCE sequence = new SEQUENCE();
        sequence.addComponent(a());
        SEQUENCE sequence2 = new SEQUENCE();
        try {
            sequence2.addComponent(DerCoder.decode(certificate.getEncoded()));
            sequence.addComponent(new CON_SPEC(3, sequence2, false));
            this.d.put(str, sequence);
        } catch (Exception e) {
            throw new InternalErrorException(new StringBuffer("Could not encoding certificate: ").append(e.toString()).toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (inputStream == null) {
            return;
        }
        try {
            ASN1Object decode = DerCoder.decode(inputStream);
            SEQUENCE sequence = (SEQUENCE) decode.getComponentAt(0);
            if (cArr != null && cArr.length > 0) {
                SEQUENCE sequence2 = (SEQUENCE) decode.getComponentAt(1);
                OCTET_STRING octet_string = (OCTET_STRING) sequence2.getComponentAt(1);
                OCTET_STRING octet_string2 = (OCTET_STRING) decode.getComponentAt(2);
                SecretKey a = a(cArr, (byte[]) octet_string.getValue());
                try {
                    Mac mac = Mac.getInstance("HMAC/SHA", "IAIK");
                    mac.init(a);
                    mac.update(DerCoder.encode(sequence));
                    if (!CryptoUtils.equalsBlock((byte[]) octet_string2.getValue(), mac.doFinal(DerCoder.encode(sequence2)))) {
                        throw new IOException("Integrity verification failed! HMAC not valid. ");
                    }
                } catch (Exception e) {
                    throw new NoSuchAlgorithmException(new StringBuffer("Could not initialize HMAC: ").append(e.toString()).toString());
                }
            }
            for (int i2 = 0; i2 < sequence.countComponents(); i2++) {
                SEQUENCE sequence3 = (SEQUENCE) sequence.getComponentAt(i2);
                this.d.put(b((byte[]) ((OCTET_STRING) sequence3.getComponentAt(0)).getValue()), (SEQUENCE) sequence3.getComponentAt(1));
            }
        } catch (CodingException e2) {
            throw new IOException(new StringBuffer("CodingException: ").append(e2.getMessage()).toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        if (str == null) {
            return false;
        }
        switch (a((SEQUENCE) this.d.get(str))) {
            case 12:
            case 13:
            case 14:
                return true;
            default:
                return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return str != null && a((SEQUENCE) this.d.get(str)) == 15;
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws UnrecoverableKeyException, NoSuchAlgorithmException {
        if (str == null) {
            throw new UnrecoverableKeyException("Alias has to be specified.");
        }
        SEQUENCE sequence = (SEQUENCE) this.d.get(str);
        if (sequence == null) {
            return null;
        }
        int a = a(sequence);
        if (a == 10) {
            throw new UnrecoverableKeyException("Invalid keystore record.");
        }
        if (a == 15) {
            throw new UnrecoverableKeyException("This alias specifies a certificate entry.");
        }
        if (a == 11) {
            throw new UnrecoverableKeyException("This alias specifies a date entry.");
        }
        CON_SPEC con_spec = (CON_SPEC) sequence.getComponentAt(1);
        int tag = con_spec.getAsnType().getTag();
        if (tag == 2) {
            ASN1Object componentAt = con_spec.getComponentAt(0);
            if (cArr != null) {
                try {
                    if (cArr.length != 0) {
                        return new EncryptedPrivateKeyInfo(componentAt).decrypt(cArr);
                    }
                } catch (Exception e) {
                    throw new UnrecoverableKeyException(new StringBuffer("Wrong password: ").append(e.toString()).toString());
                }
            }
            return new EncryptedPrivateKeyInfo(componentAt);
        }
        if (cArr == null || cArr.length == 0) {
            throw new UnrecoverableKeyException("Password has to be specified!");
        }
        SEQUENCE sequence2 = (SEQUENCE) con_spec.getComponentAt(0);
        SEQUENCE sequence3 = (SEQUENCE) sequence2.getComponentAt(0);
        try {
            ObjectID objectID = (ObjectID) sequence3.getComponentAt(0);
            if (!objectID.getID().equals(i)) {
                throw new UnrecoverableKeyException(new StringBuffer("Unknown OID: ").append(objectID).toString());
            }
            byte[] wholeValue = ((OCTET_STRING) sequence3.getComponentAt(1)).getWholeValue();
            if (wholeValue.length != this.a) {
                throw new UnrecoverableKeyException("Invalid salt");
            }
            SecretKey a2 = a(cArr, wholeValue);
            try {
                try {
                    byte[] a3 = a(1, new SecretKey(((OCTET_STRING) sequence2.getComponentAt(1)).getWholeValue(), "RAW"), a2.getEncoded());
                    if (tag == 0) {
                        return new SecretKey(a3, "RAW");
                    }
                    try {
                        return PrivateKeyInfo.getPrivateKey(a3);
                    } catch (Exception e2) {
                        throw new UnrecoverableKeyException(e2.getMessage());
                    }
                } catch (KeyStoreException e3) {
                    throw new UnrecoverableKeyException(e3.getMessage());
                }
            } catch (IOException e4) {
                throw new UnrecoverableKeyException(new StringBuffer("Cannot parse key: ").append(e4.toString()).toString());
            }
        } catch (Exception e5) {
            throw new UnrecoverableKeyException(new StringBuffer("Cannot parse key: ").append(e5.toString()).toString());
        }
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        SEQUENCE sequence;
        if (str == null || (sequence = (SEQUENCE) this.d.get(str)) == null || a(sequence) == 10) {
            return null;
        }
        return a((INTEGER) sequence.getComponentAt(0));
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        SEQUENCE sequence;
        if (str == null || (sequence = (SEQUENCE) this.d.get(str)) == null || sequence.countComponents() != 3) {
            return null;
        }
        int a = a(sequence);
        if (a != 13 && a != 14) {
            return null;
        }
        SEQUENCE sequence2 = (SEQUENCE) ((CON_SPEC) sequence.getComponentAt(2)).getComponentAt(0);
        int countComponents = sequence2.countComponents();
        X509Certificate[] x509CertificateArr = new X509Certificate[countComponents];
        for (int i2 = 0; i2 < countComponents; i2++) {
            try {
                ASN1Object componentAt = sequence2.getComponentAt(i2);
                X509Certificate x509Certificate = new X509Certificate();
                x509Certificate.decode(componentAt);
                x509CertificateArr[i2] = x509Certificate;
            } catch (CodingException unused) {
                return null;
            }
        }
        return x509CertificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            byte[] encoded = certificate.getEncoded();
            Enumeration engineAliases = engineAliases();
            while (engineAliases.hasMoreElements()) {
                String str = (String) engineAliases.nextElement();
                Certificate engineGetCertificate = engineGetCertificate(str);
                if (engineGetCertificate != null && CryptoUtils.equalsBlock(encoded, engineGetCertificate.getEncoded())) {
                    return str;
                }
            }
            return null;
        } catch (CertificateEncodingException unused) {
            return null;
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        SEQUENCE sequence;
        CON_SPEC con_spec;
        if (str == null || (sequence = (SEQUENCE) this.d.get(str)) == null) {
            return null;
        }
        int countComponents = sequence.countComponents();
        if (a(sequence) == 15) {
            con_spec = (CON_SPEC) sequence.getComponentAt(1);
        } else {
            if (countComponents != 3) {
                return null;
            }
            con_spec = (CON_SPEC) sequence.getComponentAt(2);
        }
        ASN1Object componentAt = ((SEQUENCE) con_spec.getComponentAt(0)).getComponentAt(0);
        X509Certificate x509Certificate = new X509Certificate();
        try {
            x509Certificate.decode(componentAt);
            return x509Certificate;
        } catch (CodingException e) {
            throw new InternalErrorException(e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        if (str != null) {
            this.d.remove(str);
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str == null) {
            return false;
        }
        return this.d.containsKey(str);
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return this.d.keys();
    }

    private static byte[] a(String str) {
        try {
            return UTF8String.getUTF8EncodingFromString(str);
        } catch (Exception unused) {
            throw new RuntimeException("Error in UTF8 decoding");
        }
    }

    private static byte[] a(char[] cArr) {
        try {
            return UTF8String.getUTF8EncodingFromCharArray(cArr);
        } catch (Exception unused) {
            throw new RuntimeException("Error in UTF8 decoding");
        }
    }

    private static String b(byte[] bArr) {
        try {
            return UTF8String.getStringFromUTF8Encoding(bArr);
        } catch (Exception unused) {
            throw new RuntimeException("Error in UTF8 decoding");
        }
    }

    private INTEGER a() {
        return new INTEGER(BigInteger.valueOf(new Date().getTime()));
    }

    private ASN1Object a(byte[] bArr) {
        return new AlgorithmID(new ObjectID(i), new OCTET_STRING(bArr)).toASN1Object();
    }

    private Date a(INTEGER integer) {
        return new Date(((BigInteger) integer.getValue()).longValue());
    }
}
