package org.cumulus4j.keystore;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.ref.WeakReference;
import java.net.URLEncoder;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.SortedSet;
import java.util.Timer;
import java.util.TimerTask;
import java.util.TreeSet;
import java.util.UUID;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.cumulus4j.crypto.Cipher;
import org.cumulus4j.crypto.CipherOperationMode;
import org.cumulus4j.crypto.CryptoRegistry;
import org.cumulus4j.keystore.prop.LongProperty;
import org.cumulus4j.keystore.prop.Property;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/cumulus4j/keystore/KeyStore.class */
public class KeyStore {
    public static final String SYSTEM_PROPERTY_KEY_SIZE = "cumulus4j.KeyStore.keySize";
    public static final String SYSTEM_PROPERTY_ENCRYPTION_ALGORITHM = "cumulus4j.KeyStore.encryptionAlgorithm";
    public static final String SYSTEM_PROPERTY_MAC_ALGORITHM = "cumulus4j.KeyStore.macAlgorithm";
    public static final String MAC_ALGORITHM_NONE = "NONE";
    private static final String KEY_STORE_PROPERTY_NAME_NEXT_KEY_ID = "nextKeyID";
    private String keyStoreID;
    private File keyStoreFile;
    static final Logger logger = LoggerFactory.getLogger(KeyStore.class);
    private static Timer expireCacheEntryTimer = new Timer(KeyStore.class.getSimpleName(), true);
    private SecureRandom secureRandom = new SecureRandom();
    private TimerTask expireCacheEntryTimerTask = new ExipreCacheEntryTimerTask(this);
    private KeyStoreData keyStoreData = new KeyStoreData();
    private int keySize = 0;
    private String encryptionAlgorithm = null;
    private String macAlgorithm = null;
    private Map<String, CachedMasterKey> cache_userName2cachedMasterKey = new HashMap();
    private SortedSet<String> usersCache = null;
    private UUID propertyXxx = UUID.randomUUID();

    /* loaded from: input_file:org/cumulus4j/keystore/KeyStore$ExipreCacheEntryTimerTask.class */
    private static class ExipreCacheEntryTimerTask extends TimerTask {
        private static final Logger logger = LoggerFactory.getLogger(ExipreCacheEntryTimerTask.class);
        private WeakReference<KeyStore> keyStoreRef;

        public ExipreCacheEntryTimerTask(KeyStore keyStore) {
            if (keyStore == null) {
                throw new IllegalArgumentException("keyStore == null");
            }
            this.keyStoreRef = new WeakReference<>(keyStore);
        }

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run() {
            try {
                KeyStore keyStore = this.keyStoreRef.get();
                if (keyStore == null) {
                    logger.info("run: KeyStore has been garbage-collected. Removing this ExipreCacheEntryTimerTask.");
                    cancel();
                    return;
                }
                Date date = new Date(System.currentTimeMillis() - 180000);
                LinkedList linkedList = new LinkedList();
                synchronized (keyStore) {
                    for (CachedMasterKey cachedMasterKey : keyStore.cache_userName2cachedMasterKey.values()) {
                        if (cachedMasterKey.getLastUse().before(date)) {
                            linkedList.add(cachedMasterKey.getUserName());
                        }
                    }
                }
                Iterator it = linkedList.iterator();
                while (it.hasNext()) {
                    String str = (String) it.next();
                    logger.info("run: Expiring cache for user '{}'.", str);
                    keyStore.clearCache(str);
                }
                if (logger.isDebugEnabled()) {
                    synchronized (keyStore) {
                        logger.debug("run: {} users left in cache.", Integer.valueOf(keyStore.cache_userName2cachedMasterKey.size()));
                    }
                }
            } catch (Throwable th) {
                logger.error("run: " + th, th);
            }
        }
    }

    int getKeySize() {
        int i = this.keySize;
        if (i == 0) {
            String property = System.getProperty(SYSTEM_PROPERTY_KEY_SIZE);
            if (property == null || property.trim().isEmpty()) {
                i = 256;
                logger.info("getKeySize: System property '{}' is not set. Using default key size ({} bit).", SYSTEM_PROPERTY_KEY_SIZE, 256);
            } else {
                try {
                    i = Integer.parseInt(property.trim());
                    if (i < 1) {
                        throw new IllegalStateException("Value of system property '" + SYSTEM_PROPERTY_KEY_SIZE + "' is " + this.keySize + " but must be >= 1!!!");
                    }
                    logger.info("getKeySize: System property '{}' is set to {} bit. Using this key size.", SYSTEM_PROPERTY_KEY_SIZE, Integer.valueOf(i));
                } catch (NumberFormatException e) {
                    NumberFormatException numberFormatException = new NumberFormatException("Value of system property '" + SYSTEM_PROPERTY_KEY_SIZE + "' is not a valid integer!");
                    numberFormatException.initCause(e);
                    throw numberFormatException;
                }
            }
            this.keySize = i;
        }
        return i;
    }

    String getEncryptionAlgorithm() {
        String str = this.encryptionAlgorithm;
        if (str == null) {
            String property = System.getProperty(SYSTEM_PROPERTY_ENCRYPTION_ALGORITHM);
            if (property == null || property.trim().isEmpty()) {
                str = "Twofish/GCM/NoPadding";
                logger.info("getEncryptionAlgorithm: System property '{}' is not set. Using default algorithm '{}'.", SYSTEM_PROPERTY_ENCRYPTION_ALGORITHM, str);
            } else {
                str = property.trim();
                logger.info("getEncryptionAlgorithm: System property '{}' is set to '{}'. Using this encryption algorithm.", SYSTEM_PROPERTY_ENCRYPTION_ALGORITHM, str);
            }
            this.encryptionAlgorithm = str;
        }
        return str;
    }

    String getMACAlgorithm() {
        String str = this.macAlgorithm;
        if (str == null) {
            String property = System.getProperty(SYSTEM_PROPERTY_MAC_ALGORITHM);
            if (property == null || property.trim().isEmpty()) {
                str = MAC_ALGORITHM_NONE;
                logger.info("getMACAlgorithm: System property '{}' is not set. Using default MAC algorithm '{}'.", SYSTEM_PROPERTY_MAC_ALGORITHM, str);
            } else {
                str = property.trim();
                logger.info("getMACAlgorithm: System property '{}' is set to '{}'. Using this MAC algorithm.", SYSTEM_PROPERTY_MAC_ALGORITHM, str);
            }
            this.macAlgorithm = str;
        }
        return str;
    }

    byte[] generateKey(int i) {
        byte[] bArr = new byte[(i + 7) / 8];
        this.secureRandom.nextBytes(bArr);
        return bArr;
    }

    byte[] generateKey() {
        return generateKey(getKeySize());
    }

    public KeyStore(String str, File file) throws IOException {
        if (file == null) {
            throw new IllegalArgumentException("keyStoreFile == null");
        }
        if (str == null) {
            throw new IllegalArgumentException("keyStoreID == null");
        }
        if (str.indexOf(42) > 0) {
            throw new IllegalArgumentException("keyStoreID must not contain '*'");
        }
        if (str.indexOf(95) > 0) {
            throw new IllegalArgumentException("keyStoreID must not contain '_'");
        }
        if (str.indexOf(32) > 0) {
            throw new IllegalArgumentException("keyStoreID must not contain ' '");
        }
        this.keyStoreID = str;
        this.keyStoreFile = file;
        if (!file.getParentFile().isDirectory()) {
            throw new FileNotFoundException("Path does not exist or is not a directory: " + file.getParentFile().getAbsolutePath());
        }
        File newKeyStoreFile = getNewKeyStoreFile();
        if (!file.exists() && newKeyStoreFile.exists()) {
            file = newKeyStoreFile;
        }
        FileInputStream fileInputStream = file.length() == 0 ? null : new FileInputStream(file);
        if (fileInputStream != null) {
            try {
                this.keyStoreData.readFromStream(fileInputStream);
                fileInputStream.close();
            } catch (Throwable th) {
                fileInputStream.close();
                throw th;
            }
        } else {
            storeToFile();
        }
        expireCacheEntryTimer.schedule(this.expireCacheEntryTimerTask, 60000L, 60000L);
    }

    public static void main(String[] strArr) throws UnsupportedEncodingException {
        System.out.println(URLEncoder.encode("_*", "UTF-8"));
    }

    public String getKeyStoreID() {
        return this.keyStoreID;
    }

    File getNewKeyStoreFile() {
        return new File(this.keyStoreFile.getParentFile(), this.keyStoreFile.getName() + ".new");
    }

    public synchronized boolean isEmpty() {
        return this.keyStoreData.user2keyMap.isEmpty();
    }

    synchronized long nextKeyID(String str, char[] cArr) throws AuthenticationException {
        LongProperty longProperty = (LongProperty) getProperty(str, cArr, LongProperty.class, KEY_STORE_PROPERTY_NAME_NEXT_KEY_ID);
        if (longProperty.getValue() == null) {
            longProperty.setValue(1L);
        }
        long longValue = longProperty.getValue().longValue();
        longProperty.setValue(Long.valueOf(longValue + 1));
        _setProperty(str, cArr, longProperty);
        return longValue;
    }

    public synchronized int getMasterKeySize(String str, char[] cArr) throws AuthenticationException {
        return getMasterKey(str, cArr).getEncoded().length * 8;
    }

    synchronized MasterKey getMasterKey(String str, char[] cArr) throws AuthenticationException {
        PlaintextDataAndMAC plaintextDataAndMAC;
        CachedMasterKey cachedMasterKey = this.cache_userName2cachedMasterKey.get(str);
        MasterKey masterKey = cachedMasterKey == null ? null : cachedMasterKey.getMasterKey();
        if (masterKey != null && Arrays.equals(cArr, cachedMasterKey.getPassword())) {
            cachedMasterKey.updateLastUse();
            return masterKey;
        }
        MasterKey masterKey2 = null;
        EncryptedMasterKey encryptedMasterKey = this.keyStoreData.user2keyMap.get(str);
        if (encryptedMasterKey == null) {
            logger.warn("getMasterKey: Unknown userName: {}", str);
        } else {
            try {
                plaintextDataAndMAC = new PlaintextDataAndMAC(getCipherForUserPassword(cArr, encryptedMasterKey.getPasswordBasedKeySize(), encryptedMasterKey.getPasswordBasedIterationCount(), encryptedMasterKey.getPasswordBasedKeyGeneratorAlgorithm(), encryptedMasterKey.getSalt(), encryptedMasterKey.getEncryptionIV(), encryptedMasterKey.getEncryptionAlgorithm(), CipherOperationMode.DECRYPT).doFinal(encryptedMasterKey.getEncryptedData()), encryptedMasterKey);
            } catch (GeneralSecurityException e) {
                throw new RuntimeException(e);
            } catch (CryptoException e2) {
                logger.warn("getMasterKey: Caught CryptoException indicating a wrong password for user \"{}\"!", str);
                plaintextDataAndMAC = null;
            }
            if (plaintextDataAndMAC != null) {
                try {
                    if (plaintextDataAndMAC.verifyMAC()) {
                        masterKey2 = new MasterKey(plaintextDataAndMAC.getData());
                    }
                } catch (GeneralSecurityException e3) {
                    throw new RuntimeException(e3);
                }
            }
            logger.warn("getMasterKey: Wrong password for user \"{}\"! MAC verification failed.", str);
        }
        if (masterKey2 == null) {
            throw new AuthenticationException("Unknown user \"" + str + "\" or wrong password!");
        }
        this.cache_userName2cachedMasterKey.put(str, new CachedMasterKey(str, cArr, masterKey2));
        return masterKey2;
    }

    private Cipher getCipherForUserPassword(char[] cArr, int i, int i2, String str, byte[] bArr, byte[] bArr2, String str2, CipherOperationMode cipherOperationMode) throws GeneralSecurityException {
        if (bArr2 == null) {
            if (CipherOperationMode.ENCRYPT != cipherOperationMode) {
                throw new IllegalArgumentException("iv must not be null when decrypting!");
            }
        } else if (CipherOperationMode.ENCRYPT == cipherOperationMode) {
            throw new IllegalArgumentException("iv must be null when encrypting!");
        }
        if (str2 == null) {
            if (CipherOperationMode.ENCRYPT != cipherOperationMode) {
                throw new IllegalArgumentException("algorithm must not be null when decrypting!");
            }
            str2 = getEncryptionAlgorithm();
        }
        SecretKey generateSecret = SecretKeyFactory.getInstance(str).generateSecret(new PBEKeySpec(cArr, bArr, i2, i));
        Cipher createCipher = CryptoRegistry.sharedInstance().createCipher(str2);
        if (bArr2 == null) {
            bArr2 = new byte[createCipher.getIVSize()];
            this.secureRandom.nextBytes(bArr2);
        }
        createCipher.init(cipherOperationMode, new ParametersWithIV(new KeyParameter(generateSecret.getEncoded()), bArr2));
        return createCipher;
    }

    private Cipher getCipherForMasterKey(MasterKey masterKey, byte[] bArr, String str, CipherOperationMode cipherOperationMode) throws GeneralSecurityException {
        if (bArr == null) {
            if (CipherOperationMode.ENCRYPT != cipherOperationMode) {
                throw new IllegalArgumentException("iv must not be null when decrypting!");
            }
        } else if (CipherOperationMode.ENCRYPT == cipherOperationMode) {
            throw new IllegalArgumentException("iv must be null when encrypting!");
        }
        if (str == null) {
            if (CipherOperationMode.ENCRYPT != cipherOperationMode) {
                throw new IllegalArgumentException("algorithm must not be null when decrypting!");
            }
            str = getEncryptionAlgorithm();
        }
        Cipher createCipher = CryptoRegistry.sharedInstance().createCipher(str);
        if (bArr == null) {
            bArr = new byte[createCipher.getIVSize()];
            this.secureRandom.nextBytes(bArr);
        }
        createCipher.init(cipherOperationMode, new ParametersWithIV(new KeyParameter(masterKey.getEncoded()), bArr));
        return createCipher;
    }

    public synchronized GeneratedKey generateKey(String str, char[] cArr) throws AuthenticationException, IOException {
        long nextKeyID = nextKeyID(str, cArr);
        byte[] generateKey = generateKey();
        GeneratedKey generatedKey = new GeneratedKey(nextKeyID, generateKey);
        _setKey(str, cArr, nextKeyID, generateKey);
        storeToFile();
        return generatedKey;
    }

    public synchronized List<GeneratedKey> generateKeys(String str, char[] cArr, int i) throws AuthenticationException, IOException {
        if (i < 0) {
            throw new IllegalArgumentException("qty < 0");
        }
        ArrayList arrayList = new ArrayList(i);
        for (int i2 = 0; i2 < i; i2++) {
            long nextKeyID = nextKeyID(str, cArr);
            byte[] generateKey = generateKey();
            GeneratedKey generatedKey = new GeneratedKey(nextKeyID, generateKey);
            _setKey(str, cArr, nextKeyID, generateKey);
            arrayList.add(generatedKey);
        }
        storeToFile();
        return arrayList;
    }

    public synchronized void createUser(String str, char[] cArr, String str2, char[] cArr2) throws AuthenticationException, UserAlreadyExistsException, IOException {
        MasterKey masterKey;
        if (str2 == null) {
            throw new IllegalArgumentException("userName must not be null!");
        }
        if (cArr2 == null) {
            throw new IllegalArgumentException("password must not be null!");
        }
        if (isEmpty()) {
            byte[] generateKey = generateKey();
            masterKey = new MasterKey(generateKey);
            logger.info("createUser: Created master-key with a size of {} bits. This key will not be modified for this key-store anymore.", Integer.valueOf(generateKey.length * 8));
        } else {
            masterKey = getMasterKey(str, cArr);
        }
        if (this.keyStoreData.user2keyMap.containsKey(str2)) {
            throw new UserAlreadyExistsException("User '" + str2 + "' already exists!");
        }
        setUser(masterKey, str2, cArr2);
    }

    synchronized void setUser(MasterKey masterKey, String str, char[] cArr) throws IOException {
        byte[] encoded = masterKey.getEncoded();
        byte[] bArr = new byte[8];
        this.secureRandom.nextBytes(bArr);
        try {
            int keySize = getKeySize();
            Cipher cipherForUserPassword = getCipherForUserPassword(cArr, keySize, 1024, "PBKDF2WithHmacSHA1", bArr, null, null, CipherOperationMode.ENCRYPT);
            PlaintextDataAndMAC plaintextDataAndMAC = new PlaintextDataAndMAC(encoded, getMACAlgorithm());
            byte[] doFinal = cipherForUserPassword.doFinal(plaintextDataAndMAC.toByteArray());
            this.keyStoreData.user2keyMap.put(str, new EncryptedMasterKey(this.keyStoreData, str, keySize, 1024, this.keyStoreData.stringConstant("PBKDF2WithHmacSHA1"), bArr, this.keyStoreData.stringConstant(cipherForUserPassword.getTransformation()), cipherForUserPassword.getParameters().getIV(), this.keyStoreData.stringConstant(plaintextDataAndMAC.getMACAlgorithm()), (short) plaintextDataAndMAC.getMACKey().length, (short) plaintextDataAndMAC.getMACIV().length, (short) plaintextDataAndMAC.getMAC().length, doFinal));
            this.usersCache = null;
            storeToFile();
        } catch (CryptoException e) {
            throw new RuntimeException((Throwable) e);
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException(e2);
        }
    }

    synchronized void storeToFile() throws IOException {
        File newKeyStoreFile = getNewKeyStoreFile();
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(newKeyStoreFile);
            try {
                this.keyStoreData.writeToStream(fileOutputStream);
                fileOutputStream.close();
                this.keyStoreFile.delete();
                newKeyStoreFile.renameTo(this.keyStoreFile);
                if (0 != 0) {
                    try {
                        newKeyStoreFile.delete();
                    } catch (Exception e) {
                        logger.warn("Deleting the newKeyStoreFile failed!", e);
                    }
                }
            } catch (Throwable th) {
                fileOutputStream.close();
                throw th;
            }
        } catch (Throwable th2) {
            if (1 != 0) {
                try {
                    newKeyStoreFile.delete();
                } catch (Exception e2) {
                    logger.warn("Deleting the newKeyStoreFile failed!", e2);
                }
            }
            throw th2;
        }
    }

    public synchronized SortedSet<String> getUsers(String str, char[] cArr) throws AuthenticationException {
        getMasterKey(str, cArr);
        SortedSet<String> sortedSet = this.usersCache;
        if (sortedSet == null) {
            sortedSet = Collections.unmodifiableSortedSet(new TreeSet(this.keyStoreData.user2keyMap.keySet()));
            this.usersCache = sortedSet;
        }
        return sortedSet;
    }

    public synchronized void deleteUser(String str, char[] cArr, String str2) throws AuthenticationException, UserNotFoundException, CannotDeleteLastUserException, IOException {
        getMasterKey(str, cArr);
        if (this.keyStoreData.user2keyMap.get(str2) == null) {
            throw new UserNotFoundException("The user \"" + str2 + "\" does not exist!");
        }
        if (this.keyStoreData.user2keyMap.size() == 1) {
            throw new CannotDeleteLastUserException("You cannot delete the last user and \"" + str2 + "\" is the last user!");
        }
        clearCache(str2);
        this.keyStoreData.user2keyMap.remove(str2);
        this.usersCache = null;
        storeToFile();
    }

    public synchronized void changeUserPassword(String str, char[] cArr, String str2, char[] cArr2) throws AuthenticationException, UserNotFoundException, IOException {
        MasterKey masterKey = getMasterKey(str, cArr);
        if (!this.keyStoreData.user2keyMap.containsKey(str2)) {
            throw new UserNotFoundException("User '" + str2 + "' does not exist!");
        }
        setUser(masterKey, str2, cArr2);
    }

    public synchronized byte[] getKey(String str, char[] cArr, long j) throws AuthenticationException, KeyNotFoundException {
        MasterKey masterKey = getMasterKey(str, cArr);
        EncryptedKey encryptedKey = this.keyStoreData.keyID2keyMap.get(Long.valueOf(j));
        if (encryptedKey == null) {
            throw new KeyNotFoundException("There is no key with keyID=" + j + "!");
        }
        try {
            PlaintextDataAndMAC plaintextDataAndMAC = new PlaintextDataAndMAC(getCipherForMasterKey(masterKey, encryptedKey.getEncryptionIV(), encryptedKey.getEncryptionAlgorithm(), CipherOperationMode.DECRYPT).doFinal(encryptedKey.getEncryptedData()), encryptedKey);
            if (plaintextDataAndMAC.verifyMAC()) {
                return plaintextDataAndMAC.getData();
            }
            throw new IllegalStateException("MAC mismatch!!! This means, the decryption key was wrong!");
        } catch (GeneralSecurityException e) {
            throw new RuntimeException(e);
        } catch (CryptoException e2) {
            throw new RuntimeException((Throwable) e2);
        }
    }

    public synchronized SortedSet<Long> getKeyIDs(String str, char[] cArr) throws AuthenticationException {
        getMasterKey(str, cArr);
        return new TreeSet(this.keyStoreData.keyID2keyMap.keySet());
    }

    private void _setKey(String str, char[] cArr, long j, byte[] bArr) throws AuthenticationException {
        MasterKey masterKey = getMasterKey(str, cArr);
        try {
            PlaintextDataAndMAC plaintextDataAndMAC = new PlaintextDataAndMAC(bArr, getMACAlgorithm());
            Cipher cipherForMasterKey = getCipherForMasterKey(masterKey, null, null, CipherOperationMode.ENCRYPT);
            this.keyStoreData.keyID2keyMap.put(Long.valueOf(j), new EncryptedKey(this.keyStoreData, j, this.keyStoreData.stringConstant(cipherForMasterKey.getTransformation()), cipherForMasterKey.getParameters().getIV(), plaintextDataAndMAC.getMACAlgorithm(), (short) plaintextDataAndMAC.getMACKey().length, (short) plaintextDataAndMAC.getMACIV().length, (short) plaintextDataAndMAC.getMAC().length, cipherForMasterKey.doFinal(plaintextDataAndMAC.toByteArray())));
        } catch (CryptoException e) {
            throw new RuntimeException((Throwable) e);
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException(e2);
        }
    }

    public synchronized <P extends Property<?>> P getProperty(String str, char[] cArr, Class<P> cls, String str2) throws AuthenticationException {
        MasterKey masterKey = getMasterKey(str, cArr);
        if (str2 == null) {
            throw new IllegalArgumentException("name == null");
        }
        EncryptedProperty encryptedProperty = this.keyStoreData.name2propertyMap.get(str2);
        try {
            P newInstance = cls.newInstance();
            newInstance.setName(str2);
            newInstance.setXxx(this.propertyXxx);
            if (encryptedProperty != null) {
                if (!cls.equals(encryptedProperty.getType())) {
                    throw new IllegalArgumentException("propertyType != encryptedProperty.type :: " + cls.getClass().getName() + " != " + encryptedProperty.getType().getName());
                }
                try {
                    PlaintextDataAndMAC plaintextDataAndMAC = new PlaintextDataAndMAC(getCipherForMasterKey(masterKey, encryptedProperty.getEncryptionIV(), encryptedProperty.getEncryptionAlgorithm(), CipherOperationMode.DECRYPT).doFinal(encryptedProperty.getEncryptedData()), encryptedProperty);
                    if (!plaintextDataAndMAC.verifyMAC()) {
                        throw new IllegalStateException("MAC mismatch!!! This means, the decryption key was wrong!");
                    }
                    newInstance.setValueEncoded(plaintextDataAndMAC.getData());
                } catch (CryptoException e) {
                    throw new RuntimeException((Throwable) e);
                } catch (GeneralSecurityException e2) {
                    throw new RuntimeException(e2);
                }
            }
            return newInstance;
        } catch (IllegalAccessException e3) {
            throw new RuntimeException(e3);
        } catch (InstantiationException e4) {
            throw new RuntimeException(e4);
        }
    }

    public synchronized SortedSet<Property<?>> getProperties(String str, char[] cArr) throws AuthenticationException {
        TreeSet treeSet = new TreeSet();
        for (Map.Entry<String, EncryptedProperty> entry : this.keyStoreData.name2propertyMap.entrySet()) {
            treeSet.add(getProperty(str, cArr, entry.getValue().getType(), entry.getKey()));
        }
        return treeSet;
    }

    public synchronized boolean removeProperty(String str, char[] cArr, String str2) throws AuthenticationException, IOException {
        boolean _removeProperty = _removeProperty(str, cArr, str2);
        if (_removeProperty) {
            storeToFile();
        }
        return _removeProperty;
    }

    boolean _removeProperty(String str, char[] cArr, String str2) throws AuthenticationException {
        getMasterKey(str, cArr);
        return this.keyStoreData.name2propertyMap.remove(str2) != null;
    }

    public synchronized void setProperty(String str, char[] cArr, Property<?> property) throws AuthenticationException, IOException {
        _setProperty(str, cArr, property);
        storeToFile();
    }

    private void _setProperty(String str, char[] cArr, Property<?> property) throws AuthenticationException {
        MasterKey masterKey = getMasterKey(str, cArr);
        if (property == null) {
            throw new IllegalArgumentException("property == null");
        }
        if (!this.propertyXxx.equals(property.getXxx())) {
            throw new IllegalArgumentException("property was not created by this KeyStore! You should use 'getProperty(...)' instead of 'new SomeProperty(...)'!!! And you should never store properties unencrypted somewhere outside!");
        }
        if (property.getName() == null) {
            throw new IllegalArgumentException("property.name == null");
        }
        this.keyStoreData.stringConstant(property.getClass().getName());
        byte[] valueEncoded = property.getValueEncoded();
        if (valueEncoded == null) {
            _removeProperty(str, cArr, property.getName());
            return;
        }
        try {
            PlaintextDataAndMAC plaintextDataAndMAC = new PlaintextDataAndMAC(valueEncoded, getMACAlgorithm());
            Cipher cipherForMasterKey = getCipherForMasterKey(masterKey, null, null, CipherOperationMode.ENCRYPT);
            byte[] doFinal = cipherForMasterKey.doFinal(plaintextDataAndMAC.toByteArray());
            byte[] iv = cipherForMasterKey.getParameters().getIV();
            EncryptedProperty encryptedProperty = new EncryptedProperty(this.keyStoreData, property.getName(), property.getClass(), this.keyStoreData.stringConstant(cipherForMasterKey.getTransformation()), iv, plaintextDataAndMAC.getMACAlgorithm(), (short) plaintextDataAndMAC.getMACKey().length, (short) plaintextDataAndMAC.getMACIV().length, (short) plaintextDataAndMAC.getMAC().length, doFinal);
            this.keyStoreData.name2propertyMap.put(encryptedProperty.getName(), encryptedProperty);
        } catch (CryptoException e) {
            throw new RuntimeException((Throwable) e);
        } catch (GeneralSecurityException e2) {
            throw new RuntimeException(e2);
        }
    }

    public synchronized void clearCache(String str) {
        if (str == null) {
            Iterator<CachedMasterKey> it = this.cache_userName2cachedMasterKey.values().iterator();
            while (it.hasNext()) {
                it.next().clear();
            }
            this.cache_userName2cachedMasterKey.clear();
            return;
        }
        CachedMasterKey remove = this.cache_userName2cachedMasterKey.remove(str);
        if (remove != null) {
            remove.clear();
        }
    }

    protected void finalize() throws Throwable {
        clearCache(null);
        super.finalize();
    }
}
