package org.bouncycastle.jcajce.provider;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Enumeration;
import org.bouncycastle.crypto.CryptoServicesRegistrar;
import org.bouncycastle.jcajce.BCLoadStoreParameter;
import org.bouncycastle.jcajce.provider.ProvBCFKS;
import org.bouncycastle.jcajce.provider.ProvJKS;
import org.bouncycastle.util.io.Streams;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/bc-fips-1.0.2.3.jar:org/bouncycastle/jcajce/provider/ProvFipsKS.class */
public class ProvFipsKS extends AlgorithmProvider {
    private static final String PREFIX = "org.bouncycastle.jcajce.provider.keystore.FipsKS.";

    /* loaded from: input_file:lib/bc-fips-1.0.2.3.jar:org/bouncycastle/jcajce/provider/ProvFipsKS$FIPSKeyStore.class */
    private static class FIPSKeyStore extends KeyStoreSpi {
        private final boolean isImmutable;
        private final BouncyCastleFipsProvider provider;
        private KeyStoreSpi keyStore;

        public FIPSKeyStore(boolean z, BouncyCastleFipsProvider bouncyCastleFipsProvider) {
            this.isImmutable = z;
            this.provider = bouncyCastleFipsProvider;
        }

        @Override // java.security.KeyStoreSpi
        public Enumeration engineAliases() {
            return this.keyStore.engineAliases();
        }

        @Override // java.security.KeyStoreSpi
        public boolean engineContainsAlias(String str) {
            return this.keyStore.engineContainsAlias(str);
        }

        @Override // java.security.KeyStoreSpi
        public void engineDeleteEntry(String str) throws KeyStoreException {
            if (this.isImmutable) {
                throw new KeyStoreException("delete operation not supported in immutable mode");
            }
            this.keyStore.engineDeleteEntry(str);
        }

        @Override // java.security.KeyStoreSpi
        public Certificate engineGetCertificate(String str) {
            return this.keyStore.engineGetCertificate(str);
        }

        @Override // java.security.KeyStoreSpi
        public String engineGetCertificateAlias(Certificate certificate) {
            return this.keyStore.engineGetCertificateAlias(certificate);
        }

        @Override // java.security.KeyStoreSpi
        public Certificate[] engineGetCertificateChain(String str) {
            return this.keyStore.engineGetCertificateChain(str);
        }

        @Override // java.security.KeyStoreSpi
        public Date engineGetCreationDate(String str) {
            return this.keyStore.engineGetCreationDate(str);
        }

        @Override // java.security.KeyStoreSpi
        public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
            return this.keyStore.engineGetKey(str, cArr);
        }

        @Override // java.security.KeyStoreSpi
        public boolean engineIsCertificateEntry(String str) {
            return this.keyStore.engineIsCertificateEntry(str);
        }

        @Override // java.security.KeyStoreSpi
        public boolean engineIsKeyEntry(String str) {
            return this.keyStore.engineIsKeyEntry(str);
        }

        @Override // java.security.KeyStoreSpi
        public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
            if (this.isImmutable) {
                throw new KeyStoreException("set operation not supported in immutable mode");
            }
            this.keyStore.engineSetCertificateEntry(str, certificate);
        }

        @Override // java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
            if (this.isImmutable) {
                throw new KeyStoreException("set operation not supported in immutable mode");
            }
            this.keyStore.engineSetKeyEntry(str, bArr, certificateArr);
        }

        @Override // java.security.KeyStoreSpi
        public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
            if (this.isImmutable) {
                throw new KeyStoreException("set operation not supported in immutable mode");
            }
            this.keyStore.engineSetKeyEntry(str, key, cArr, certificateArr);
        }

        @Override // java.security.KeyStoreSpi
        public int engineSize() {
            return this.keyStore.engineSize();
        }

        @Override // java.security.KeyStoreSpi
        public void engineSetEntry(String str, KeyStore.Entry entry, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
            if (this.isImmutable) {
                throw new KeyStoreException("set operation not supported in immutable mode");
            }
            this.keyStore.engineSetEntry(str, entry, protectionParameter);
        }

        @Override // java.security.KeyStoreSpi
        public void engineLoad(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException, NoSuchAlgorithmException, CertificateException {
            if (this.keyStore != null && this.isImmutable) {
                throw new IOException("immutable keystore already loaded");
            }
            if (loadStoreParameter == null) {
                throw new IllegalArgumentException("'param' arg cannot be null");
            }
            if (!(loadStoreParameter instanceof BCLoadStoreParameter)) {
                throw new IllegalArgumentException("no support for 'param' of type " + loadStoreParameter.getClass().getName());
            }
            engineLoad(((BCLoadStoreParameter) loadStoreParameter).getInputStream(), Utils.extractPassword(loadStoreParameter));
        }

        @Override // java.security.KeyStoreSpi
        public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, CertificateException, NoSuchAlgorithmException {
            if (this.keyStore != null && this.isImmutable) {
                throw new IOException("immutable keystore already loaded");
            }
            if (inputStream == null) {
                this.keyStore = new ProvBCFKS.BCFIPSKeyStoreSpi(false, this.provider);
                this.keyStore.engineLoad(null, cArr);
                return;
            }
            byte[] readAll = Streams.readAll(inputStream);
            if (this.isImmutable) {
                try {
                    this.keyStore = new ProvBCFKS.BCFIPSImmutableKeyStoreSpi(this.provider);
                    this.keyStore.engineLoad(new ByteArrayInputStream(readAll), cArr);
                    return;
                } catch (Exception e) {
                    this.keyStore = new ProvJKS.JKSKeyStoreSpi(false, this.provider);
                    this.keyStore.engineLoad(new ByteArrayInputStream(readAll), cArr);
                    return;
                }
            }
            try {
                this.keyStore = new ProvBCFKS.BCFIPSKeyStoreSpi(false, this.provider);
                this.keyStore.engineLoad(new ByteArrayInputStream(readAll), cArr);
            } catch (Exception e2) {
                this.keyStore = new ProvJKS.JKSKeyStoreSpi(false, this.provider);
                this.keyStore.engineLoad(new ByteArrayInputStream(readAll), cArr);
            }
        }

        @Override // java.security.KeyStoreSpi
        public void engineStore(KeyStore.LoadStoreParameter loadStoreParameter) throws IOException, NoSuchAlgorithmException, CertificateException {
            this.keyStore.engineStore(loadStoreParameter);
        }

        @Override // java.security.KeyStoreSpi
        public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, CertificateException, NoSuchAlgorithmException {
            this.keyStore.engineStore(outputStream, cArr);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.bouncycastle.jcajce.provider.AlgorithmProvider
    public void configure(final BouncyCastleFipsProvider bouncyCastleFipsProvider) {
        bouncyCastleFipsProvider.addAlgorithmImplementation("KeyStore.FIPS", "org.bouncycastle.jcajce.provider.keystore.FipsKS.FIPSKeyStore", new EngineCreator() { // from class: org.bouncycastle.jcajce.provider.ProvFipsKS.1
            @Override // org.bouncycastle.jcajce.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new FIPSKeyStore(false, bouncyCastleFipsProvider);
            }
        });
        bouncyCastleFipsProvider.addAlgorithmImplementation("KeyStore.IFIPS", "org.bouncycastle.jcajce.provider.keystore.FipsKS.IFIPSKeyStore", new EngineCreator() { // from class: org.bouncycastle.jcajce.provider.ProvFipsKS.2
            @Override // org.bouncycastle.jcajce.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new FIPSKeyStore(true, bouncyCastleFipsProvider);
            }
        });
        if (CryptoServicesRegistrar.isInApprovedOnlyMode()) {
            return;
        }
        bouncyCastleFipsProvider.addAlgorithmImplementation("KeyStore.FIPS-DEF", "org.bouncycastle.jcajce.provider.keystore.FipsKS.FIPSDefKeyStore", new GuardedEngineCreator(new EngineCreator() { // from class: org.bouncycastle.jcajce.provider.ProvFipsKS.3
            @Override // org.bouncycastle.jcajce.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new FIPSKeyStore(false, null);
            }
        }));
        bouncyCastleFipsProvider.addAlgorithmImplementation("KeyStore.IFIPS-DEF", "org.bouncycastle.jcajce.provider.keystore.FipsKS.IFIPDefSKeyStore", new GuardedEngineCreator(new EngineCreator() { // from class: org.bouncycastle.jcajce.provider.ProvFipsKS.4
            @Override // org.bouncycastle.jcajce.provider.EngineCreator
            public Object createInstance(Object obj) {
                return new FIPSKeyStore(true, null);
            }
        }));
    }
}
