package sun.security.ssl;

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.DigestInputStream;
import java.security.DigestOutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Hashtable;
import sun.security.AuthContext;
import sun.security.jsafe.Provider;
import sun.security.pkcs.PKCS8Key;
import sun.security.util.DerValue;

/* loaded from: input_file:sun/security/ssl/KeyStore.class */
public final class KeyStore implements sun.security.KeyStore {
    private transient AuthContext authContext;
    private transient Object authIndex;
    private transient PKCS5 cachedPKCS5;
    private static final String pkcs5Hash = "MD5";
    private transient int pkcs5Count;
    private transient byte[] pkcs5Salt;
    public static final int magic = -889271554;
    public static final int version = 1;
    private static final boolean errorsAreFatal = true;
    private transient Hashtable entries = new Hashtable();

    /* loaded from: input_file:sun/security/ssl/KeyStore$HashEntry.class */
    class HashEntry {
        private final KeyStore this$0;
        PrivateKey privateKey;
        X509Certificate[] chain;

        HashEntry(KeyStore keyStore) {
            this.this$0 = keyStore;
            this.this$0 = keyStore;
        }
    }

    public KeyStore(AuthContext authContext, Object obj) {
        Provider.install();
        if (authContext == null || obj == null) {
            throw new IllegalArgumentException("null authentication data");
        }
        this.authContext = authContext;
        this.authIndex = obj;
    }

    @Override // sun.security.KeyStore
    public X509Certificate[] getCertificateChain(String str) {
        HashEntry hashEntry = (HashEntry) this.entries.get(str);
        if (hashEntry != null) {
            return hashEntry.chain;
        }
        return null;
    }

    @Override // sun.security.KeyStore
    public PrivateKey getPrivateKey(String str) {
        HashEntry hashEntry = (HashEntry) this.entries.get(str);
        if (hashEntry != null) {
            return hashEntry.privateKey;
        }
        return null;
    }

    @Override // sun.security.KeyStore
    public void deleteAlias(String str) {
        this.entries.remove(str);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable, java.util.Hashtable] */
    @Override // sun.security.KeyStore
    public void setAlias(String str, PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        synchronized (this.entries) {
            HashEntry hashEntry = new HashEntry(this);
            hashEntry.privateKey = privateKey;
            hashEntry.chain = x509CertificateArr;
            this.entries.put(str, hashEntry);
        }
    }

    @Override // sun.security.KeyStore
    public Enumeration listAliases() {
        return this.entries.keys();
    }

    @Override // sun.security.KeyStore
    public int size() {
        return this.entries.size();
    }

    private PKCS5 pkcs5() throws NoSuchAlgorithmException {
        if (this.cachedPKCS5 == null) {
            if (this.pkcs5Salt == null) {
                SecureRandom secureRandom = new SecureRandom();
                this.pkcs5Count = (secureRandom.nextInt() & 8) + 2;
                this.pkcs5Salt = new byte[8];
                secureRandom.nextBytes(this.pkcs5Salt);
            }
            this.cachedPKCS5 = new PKCS5(pkcs5Hash, this.pkcs5Salt, this.pkcs5Count);
            this.cachedPKCS5.setPassphrase((String) this.authContext.get(this.authIndex));
        }
        return this.cachedPKCS5;
    }

    private MessageDigest getPreKeyedHash() throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA");
        messageDigest.update(((String) this.authContext.get(this.authIndex)).getBytes());
        messageDigest.update("Save a Crag!".getBytes());
        return messageDigest;
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable, java.util.Hashtable] */
    public void store(OutputStream outputStream) throws IOException, NoSuchAlgorithmException {
        synchronized (this.entries) {
            try {
                MessageDigest preKeyedHash = getPreKeyedHash();
                int size = this.entries.size();
                DataOutputStream dataOutputStream = new DataOutputStream(new DigestOutputStream(outputStream, preKeyedHash));
                dataOutputStream.writeInt(magic);
                dataOutputStream.writeInt(1);
                dataOutputStream.writeInt(pkcs5().getCount());
                dataOutputStream.write(pkcs5().getSalt());
                dataOutputStream.writeInt(size);
                Enumeration keys = this.entries.keys();
                while (keys.hasMoreElements()) {
                    String str = (String) keys.nextElement();
                    HashEntry hashEntry = (HashEntry) this.entries.get(str);
                    dataOutputStream.writeUTF(str);
                    byte[] encrypt = pkcs5().encrypt(hashEntry.privateKey.getEncoded());
                    dataOutputStream.writeInt(encrypt.length);
                    dataOutputStream.write(encrypt);
                    try {
                        dataOutputStream.writeInt(hashEntry.chain.length);
                        for (int i = 0; i < hashEntry.chain.length; i++) {
                            dataOutputStream.write(hashEntry.chain[i].getEncoded());
                        }
                    } catch (CertificateException e) {
                        throw new IOException(e.getMessage());
                    }
                }
                dataOutputStream.write(preKeyedHash.digest());
                dataOutputStream.flush();
            } catch (IOException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new IOException(new StringBuffer("can't write keystore:  ").append(e3.toString()).toString());
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v2 */
    /* JADX WARN: Type inference failed for: r0v34 */
    /* JADX WARN: Type inference failed for: r0v5, types: [java.lang.Throwable] */
    public void load(InputStream inputStream) throws IOException, NoSuchAlgorithmException {
        Hashtable hashtable = this.entries;
        ?? r0 = hashtable;
        synchronized (r0) {
            try {
                try {
                    MessageDigest preKeyedHash = getPreKeyedHash();
                    DataInputStream dataInputStream = new DataInputStream(new DigestInputStream(inputStream, preKeyedHash));
                    int readInt = dataInputStream.readInt();
                    int readInt2 = dataInputStream.readInt();
                    this.pkcs5Count = dataInputStream.readInt();
                    this.pkcs5Salt = new byte[8];
                    dataInputStream.read(this.pkcs5Salt);
                    if (readInt != -889271554 || readInt2 != 1) {
                        error("KeyStore file format is unsupported");
                    }
                    this.entries.clear();
                    int readInt3 = dataInputStream.readInt();
                    for (int i = 0; i < readInt3; i++) {
                        HashEntry hashEntry = new HashEntry(this);
                        String readUTF = dataInputStream.readUTF();
                        byte[] bArr = new byte[dataInputStream.readInt()];
                        dataInputStream.read(bArr);
                        byte[] decrypt = pkcs5().decrypt(bArr);
                        if (decrypt == null) {
                            error("decryption error");
                        }
                        hashEntry.privateKey = PKCS8Key.parse(new DerValue(decrypt));
                        hashEntry.chain = new X509Certificate[dataInputStream.readInt()];
                        for (int i2 = 0; i2 < hashEntry.chain.length; i2++) {
                            hashEntry.chain[i2] = X509Certificate.getInstance(dataInputStream);
                        }
                        this.entries.put(readUTF, hashEntry);
                    }
                    byte[] digest = preKeyedHash.digest();
                    byte[] bArr2 = new byte[digest.length];
                    dataInputStream.read(bArr2);
                    int i3 = 0;
                    while (true) {
                        r0 = i3;
                        if (r0 >= digest.length) {
                            break;
                        }
                        if (digest[i3] != bArr2[i3]) {
                            error("keystore was tampered with, or passphrase was incorrect");
                        }
                        i3++;
                    }
                } catch (IOException e) {
                    throw e;
                }
            } catch (Exception e2) {
                error(new StringBuffer("can't read keystore:  ").append(e2.toString()).toString());
            }
        }
    }

    private void error(String str) throws IOException {
        throw new IOException(str);
    }
}
