package com.ibm.oti.security.provider;

import com.ibm.oti.util.Msg;
import com.ibm.oti.util.PasswordProtectedInputStream;
import com.ibm.oti.util.SHAOutputStream;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.io.Serializable;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;

/* loaded from: input_file:ive-2.2/runtimes/linux/x86/foundation10/lib/jclFoundation10/classes.zip:com/ibm/oti/security/provider/KeyStore.class */
public class KeyStore extends KeyStoreSpi {
    static final int RANDOM_BYTES = 32;
    static final int KEYSTORE_MAGIC = 77;
    static final int KEYSTORE_VERSION = 2;
    static final int OLD_KEYSTORE_VERSION = 1;
    Hashtable database = new Hashtable();

    /* loaded from: input_file:ive-2.2/runtimes/linux/x86/foundation10/lib/jclFoundation10/classes.zip:com/ibm/oti/security/provider/KeyStore$KeyStoreCertificate.class */
    static class KeyStoreCertificate extends KeyStoreEntry {
        Certificate cert;

        KeyStoreCertificate(Certificate certificate) {
            this.cert = certificate;
        }

        private void writeObject(ObjectOutputStream objectOutputStream) throws IOException, CertificateEncodingException {
            KeyStore.writeCertificate(this.cert, objectOutputStream);
        }

        private void readObject(ObjectInputStream objectInputStream) throws ClassNotFoundException, IOException, CertificateException {
            this.cert = KeyStore.readCertificate(objectInputStream);
        }
    }

    /* loaded from: input_file:ive-2.2/runtimes/linux/x86/foundation10/lib/jclFoundation10/classes.zip:com/ibm/oti/security/provider/KeyStore$KeyStoreEntry.class */
    static class KeyStoreEntry implements Serializable {
        Date creationDate = new Date();

        KeyStoreEntry() {
        }
    }

    /* loaded from: input_file:ive-2.2/runtimes/linux/x86/foundation10/lib/jclFoundation10/classes.zip:com/ibm/oti/security/provider/KeyStore$KeyStoreKey.class */
    static class KeyStoreKey extends KeyStoreEntry {
        Object key;
        Certificate[] chain;
        byte[] digest;

        KeyStoreKey(byte[] bArr) {
            this(bArr, null);
        }

        KeyStoreKey(Key key) {
            this(key, null);
        }

        KeyStoreKey(Object obj, Certificate[] certificateArr) {
            this.key = obj;
            this.chain = certificateArr;
        }

        private void writeObject(ObjectOutputStream objectOutputStream) throws IOException, CertificateEncodingException {
            objectOutputStream.writeObject(this.key);
            objectOutputStream.writeObject(this.digest);
            if (this.chain == null) {
                objectOutputStream.writeObject(this.chain);
                return;
            }
            objectOutputStream.writeObject(new Integer(this.chain.length));
            for (int i = 0; i < this.chain.length; i++) {
                KeyStore.writeCertificate(this.chain[i], objectOutputStream);
            }
        }

        private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException, CertificateException {
            this.key = objectInputStream.readObject();
            this.digest = (byte[]) objectInputStream.readObject();
            Object readObject = objectInputStream.readObject();
            if (readObject != null) {
                Integer num = (Integer) readObject;
                this.chain = new Certificate[num.intValue()];
                for (int i = 0; i < num.intValue(); i++) {
                    this.chain[i] = KeyStore.readCertificate(objectInputStream);
                }
            }
        }
    }

    private static byte[] digestPassword(char[] cArr) {
        SHAOutputStream sHAOutputStream = new SHAOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(sHAOutputStream);
        for (char c : cArr) {
            try {
                dataOutputStream.write(c);
            } catch (IOException unused) {
            }
        }
        dataOutputStream.flush();
        dataOutputStream.close();
        return sHAOutputStream.getHashAsBytes();
    }

    static void writeCertificate(Certificate certificate, ObjectOutputStream objectOutputStream) throws IOException, CertificateEncodingException {
        byte[] encoded = certificate.getEncoded();
        objectOutputStream.writeObject(certificate.getType());
        objectOutputStream.writeObject(encoded);
    }

    static Certificate readCertificate(ObjectInputStream objectInputStream) throws ClassNotFoundException, IOException, CertificateException {
        return CertificateFactory.getInstance((String) objectInputStream.readObject()).generateCertificate(new ByteArrayInputStream((byte[]) objectInputStream.readObject()));
    }

    private static byte[] digestHeader(long j, byte[] bArr, char[] cArr) {
        SHAOutputStream sHAOutputStream = new SHAOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(sHAOutputStream);
        try {
            dataOutputStream.writeLong(j);
            dataOutputStream.write(bArr);
            for (char c : cArr) {
                dataOutputStream.write(c);
            }
            dataOutputStream.flush();
            dataOutputStream.close();
        } catch (IOException unused) {
        }
        return sHAOutputStream.getHashAsBytes();
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return this.database.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        return this.database.containsKey(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        this.database.remove(str);
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
        if (keyStoreEntry == null) {
            return null;
        }
        if (keyStoreEntry instanceof KeyStoreCertificate) {
            return ((KeyStoreCertificate) keyStoreEntry).cert;
        }
        if (keyStoreEntry instanceof KeyStoreKey) {
            return ((KeyStoreKey) keyStoreEntry).chain[0];
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        Enumeration keys = this.database.keys();
        while (keys.hasMoreElements()) {
            String str = (String) keys.nextElement();
            KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
            Certificate certificate2 = null;
            if (keyStoreEntry != null) {
                if (keyStoreEntry instanceof KeyStoreCertificate) {
                    certificate2 = ((KeyStoreCertificate) keyStoreEntry).cert;
                } else if (keyStoreEntry instanceof KeyStoreKey) {
                    certificate2 = ((KeyStoreKey) keyStoreEntry).chain[0];
                }
                if (certificate2 != null && certificate2.equals(certificate)) {
                    return str;
                }
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
        if (keyStoreEntry == null || !(keyStoreEntry instanceof KeyStoreKey)) {
            return null;
        }
        return ((KeyStoreKey) keyStoreEntry).chain;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
        if (keyStoreEntry != null) {
            return keyStoreEntry.creationDate;
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
        if (keyStoreEntry == null || !(keyStoreEntry instanceof KeyStoreKey)) {
            return null;
        }
        byte[] digestPassword = digestPassword(cArr);
        KeyStoreKey keyStoreKey = (KeyStoreKey) keyStoreEntry;
        if (!(keyStoreKey.key instanceof Key)) {
            return null;
        }
        if (Arrays.equals(digestPassword, keyStoreKey.digest)) {
            return (Key) keyStoreKey.key;
        }
        throw new UnrecoverableKeyException();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
        if (keyStoreEntry == null) {
            return false;
        }
        return keyStoreEntry instanceof KeyStoreCertificate;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
        if (keyStoreEntry == null) {
            return false;
        }
        return keyStoreEntry instanceof KeyStoreKey;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (inputStream == null) {
            return;
        }
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        if (dataInputStream.readInt() != 77) {
            throw new IOException(Msg.getString("K00fd"));
        }
        int readInt = dataInputStream.readInt();
        if (readInt != 2 && readInt != 1) {
            throw new IOException(Msg.getString("K00fd"));
        }
        long readLong = dataInputStream.readLong();
        byte[] bArr = new byte[32];
        dataInputStream.readFully(bArr);
        byte[] bArr2 = new byte[20];
        dataInputStream.readFully(bArr2);
        if (cArr != null && !Arrays.equals(bArr2, digestHeader(readLong, bArr, cArr))) {
            throw new IOException(Msg.getString("K00fe"));
        }
        ObjectInputStream objectInputStream = readInt == 1 ? new ObjectInputStream(new PasswordProtectedInputStream(inputStream, new String(cArr).getBytes())) : new ObjectInputStream(inputStream);
        try {
            try {
                this.database = (Hashtable) objectInputStream.readObject();
            } catch (ClassNotFoundException e) {
                throw new IOException(e.toString());
            }
        } finally {
            objectInputStream.close();
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        KeyStoreEntry keyStoreEntry = (KeyStoreEntry) this.database.get(str);
        if (keyStoreEntry != null && (keyStoreEntry instanceof KeyStoreKey)) {
            throw new KeyStoreException(Msg.getString("K0185"));
        }
        this.database.put(str, new KeyStoreCertificate(certificate));
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        this.database.put(str, new KeyStoreKey(bArr, certificateArr));
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        KeyStoreKey keyStoreKey = new KeyStoreKey(key, certificateArr);
        keyStoreKey.digest = digestPassword(cArr);
        this.database.put(str, keyStoreKey);
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.database.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        DataOutputStream dataOutputStream = new DataOutputStream(outputStream);
        long currentTimeMillis = System.currentTimeMillis();
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        byte[] digestHeader = digestHeader(currentTimeMillis, bArr, cArr);
        dataOutputStream.writeInt(77);
        dataOutputStream.writeInt(2);
        dataOutputStream.writeLong(currentTimeMillis);
        dataOutputStream.write(bArr);
        dataOutputStream.write(digestHeader);
        dataOutputStream.flush();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(outputStream);
        objectOutputStream.writeObject(this.database);
        objectOutputStream.close();
    }
}
