package com.movies.remotecontroller.utils.network.ssl;

import android.content.Context;
import android.os.Build;
import android.util.Log;
import com.movies.remotecontroller.Application;
import java.io.ByteArrayInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Arrays;
import java.util.Base64;
import java.util.Date;
import java.util.Enumeration;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.StringCompanionObject;
import kotlin.text.Charsets;
import okhttp3.internal.concurrent.TaskRunner;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

@Metadata(d1 = {"\u0000V\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\b\b\u0007\u0018\u0000 '2\u00020\u0001:\u0001'B\u000f\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0004\b\u0004\u0010\u0005J\n\u0010\b\u001a\u0004\u0018\u00010\u0007H\u0002J\u0006\u0010\t\u001a\u00020\nJ\u000e\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000eJ\u0006\u0010\u000f\u001a\u00020\u000eJ\u000e\u0010\u0010\u001a\u00020\f2\u0006\u0010\u0011\u001a\u00020\u0012J\u0018\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0012H\u0002J\u0012\u0010\u0018\u001a\u00020\f2\b\u0010\u0019\u001a\u0004\u0018\u00010\u0007H\u0002J\u0006\u0010\u0018\u001a\u00020\fJ\u000e\u0010#\u001a\u00020\f2\u0006\u0010$\u001a\u00020\u000eJ\b\u0010%\u001a\u00020\fH\u0002J\u0011\u0010&\u001a\b\u0012\u0004\u0012\u00020 0\u001b¢\u0006\u0002\u0010\"R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u0010\u0010\u0006\u001a\u0004\u0018\u00010\u0007X\u0082\u0004¢\u0006\u0002\n\u0000R\u0017\u0010\u001a\u001a\b\u0012\u0004\u0012\u00020\u001c0\u001b8F¢\u0006\u0006\u001a\u0004\b\u001d\u0010\u001eR\u0017\u0010\u001f\u001a\b\u0012\u0004\u0012\u00020 0\u001b8F¢\u0006\u0006\u001a\u0004\b!\u0010\"¨\u0006("}, d2 = {"Lcom/movies/remotecontroller/utils/network/ssl/KeystoreManager;", "", "mContext", "Landroid/content/Context;", "<init>", "(Landroid/content/Context;)V", "mKeyStore", "Ljava/security/KeyStore;", "load", "hasServerIdentityAlias", "", "setCert", "", "cert", "Ljava/security/cert/Certificate;", "getCert", "initializeKeyStore", "id", "", "generateSelfSignedCertificate", "Ljava/security/cert/X509Certificate;", "keyPair", "Ljava/security/KeyPair;", "distName", "store", "keyStore", "keyManagers", "", "Ljavax/net/ssl/KeyManager;", "getKeyManagers", "()[Ljavax/net/ssl/KeyManager;", "trustManagers", "Ljavax/net/ssl/TrustManager;", "getTrustManagers", "()[Ljavax/net/ssl/TrustManager;", "storeCertificate", "peerCert", "clearKeyStore", "defineNoOpTrustManager", "Companion", "app_release"}, k = 1, mv = {2, 0, 0}, xi = 48)
/* loaded from: classes4.dex */
public final class KeystoreManager {
    private static final String KEYSTORE_FILENAME = "ipremote.keystore";
    private static final char[] KEYSTORE_PASSWORD;
    private static final String LOCAL_IDENTITY_ALIAS = "anymote-remote";
    private static final String LOG_TAG = "KeyStoreUtil";
    private static final String REMOTE_IDENTITY_ALIAS_PATTERN = "anymote-server-%X";
    private final Context mContext;
    private final KeyStore mKeyStore;

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    public static final int $stable = 8;

    @Metadata(d1 = {"\u0000$\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\u0019\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0086\u0003\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0002\u0010\u0003J\b\u0010\u000b\u001a\u00020\fH\u0002J\u0010\u0010\r\u001a\u00020\u00052\u0006\u0010\u000e\u001a\u00020\u0005H\u0002R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0005X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\u0005X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\u0005X\u0082T¢\u0006\u0002\n\u0000¨\u0006\u000f"}, d2 = {"Lcom/movies/remotecontroller/utils/network/ssl/KeystoreManager$Companion;", "", "<init>", "()V", "LOG_TAG", "", "KEYSTORE_FILENAME", "KEYSTORE_PASSWORD", "", "LOCAL_IDENTITY_ALIAS", "REMOTE_IDENTITY_ALIAS_PATTERN", "createKeyStore", "Ljava/security/KeyStore;", "getCertificateName", "id", "app_release"}, k = 1, mv = {2, 0, 0}, xi = 48)
    /* loaded from: classes4.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final KeyStore createKeyStore() throws GeneralSecurityException {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                keyStore.load(null, KeystoreManager.KEYSTORE_PASSWORD);
                Intrinsics.checkNotNull(keyStore);
                return keyStore;
            } catch (IOException e) {
                throw new GeneralSecurityException("Unable to create empty keyStore", e);
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final String getCertificateName(String id) {
            return "CN=anymote/" + Build.PRODUCT + '/' + Build.DEVICE + '/' + Build.MODEL + '/' + id;
        }
    }

    static {
        char[] charArray = "1234567890".toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
        KEYSTORE_PASSWORD = charArray;
    }

    public KeystoreManager(Context mContext) {
        Intrinsics.checkNotNullParameter(mContext, "mContext");
        this.mContext = mContext;
        this.mKeyStore = load();
    }

    private final void clearKeyStore() {
        try {
            KeyStore keyStore = this.mKeyStore;
            Intrinsics.checkNotNull(keyStore);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Log.v(LOG_TAG, "Deleting alias: " + nextElement);
                this.mKeyStore.deleteEntry(nextElement);
            }
        } catch (KeyStoreException e) {
            Log.e(LOG_TAG, "Clearing certificates failed", e);
        }
        store();
    }

    private final X509Certificate generateSelfSignedCertificate(KeyPair keyPair, String distName) throws GeneralSecurityException, OperatorCreationException {
        Instant now = Instant.now();
        Date from = Date.from(now);
        Date from2 = Date.from(now.plus((TemporalAmount) Duration.ofDays(3650L)));
        X500Name x500Name = new X500Name(distName);
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(new JcaX509v3CertificateBuilder(x500Name, BigInteger.valueOf(now.toEpochMilli()), from, from2, x500Name, keyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256WithRSA").build(keyPair.getPrivate())));
        Intrinsics.checkNotNull(certificate);
        setCert(certificate);
        return certificate;
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x002f A[RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:13:0x0030 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private final java.security.KeyStore load() {
        /*
            r6 = this;
            java.lang.String r0 = "Unable open keystore file"
            java.lang.String r1 = "KeyStoreUtil"
            java.lang.String r2 = java.security.KeyStore.getDefaultType()     // Catch: java.security.KeyStoreException -> L45
            java.security.KeyStore r2 = java.security.KeyStore.getInstance(r2)     // Catch: java.security.KeyStoreException -> L45
            r3 = 0
            android.content.Context r4 = r6.mContext     // Catch: java.security.GeneralSecurityException -> L1f java.io.IOException -> L26
            java.lang.String r5 = "ipremote.keystore"
            java.io.FileInputStream r4 = r4.openFileInput(r5)     // Catch: java.security.GeneralSecurityException -> L1f java.io.IOException -> L26
            if (r2 == 0) goto L2d
            java.io.InputStream r4 = (java.io.InputStream) r4     // Catch: java.security.GeneralSecurityException -> L1f java.io.IOException -> L26
            char[] r5 = com.movies.remotecontroller.utils.network.ssl.KeystoreManager.KEYSTORE_PASSWORD     // Catch: java.security.GeneralSecurityException -> L1f java.io.IOException -> L26
            r2.load(r4, r5)     // Catch: java.security.GeneralSecurityException -> L1f java.io.IOException -> L26
            goto L2d
        L1f:
            r2 = move-exception
            java.lang.Throwable r2 = (java.lang.Throwable) r2
            android.util.Log.v(r1, r0, r2)
            goto L2c
        L26:
            r2 = move-exception
            java.lang.Throwable r2 = (java.lang.Throwable) r2
            android.util.Log.v(r1, r0, r2)
        L2c:
            r2 = r3
        L2d:
            if (r2 == 0) goto L30
            return r2
        L30:
            com.movies.remotecontroller.utils.network.ssl.KeystoreManager$Companion r0 = com.movies.remotecontroller.utils.network.ssl.KeystoreManager.INSTANCE     // Catch: java.security.GeneralSecurityException -> L3a
            java.security.KeyStore r0 = com.movies.remotecontroller.utils.network.ssl.KeystoreManager.Companion.access$createKeyStore(r0)     // Catch: java.security.GeneralSecurityException -> L3a
            r6.store(r0)
            return r0
        L3a:
            r0 = move-exception
            java.lang.IllegalStateException r1 = new java.lang.IllegalStateException
            java.lang.String r2 = "Unable to create identity KeyStore"
            java.lang.Throwable r0 = (java.lang.Throwable) r0
            r1.<init>(r2, r0)
            throw r1
        L45:
            r0 = move-exception
            java.lang.IllegalStateException r1 = new java.lang.IllegalStateException
            java.lang.String r2 = "Unable to get default instance of KeyStore"
            java.lang.Throwable r0 = (java.lang.Throwable) r0
            r1.<init>(r2, r0)
            throw r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.movies.remotecontroller.utils.network.ssl.KeystoreManager.load():java.security.KeyStore");
    }

    private final void store(KeyStore keyStore) {
        try {
            FileOutputStream openFileOutput = this.mContext.openFileOutput(KEYSTORE_FILENAME, 0);
            Intrinsics.checkNotNull(keyStore);
            keyStore.store(openFileOutput, KEYSTORE_PASSWORD);
            openFileOutput.close();
        } catch (IOException e) {
            throw new IllegalStateException("Unable to store keyStore", e);
        } catch (GeneralSecurityException e2) {
            throw new IllegalStateException("Unable to store keyStore", e2);
        }
    }

    public final TrustManager[] defineNoOpTrustManager() {
        return new TrustManager[]{new X509TrustManager() { // from class: com.movies.remotecontroller.utils.network.ssl.KeystoreManager$defineNoOpTrustManager$1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] chain, String authType) {
                TaskRunner.INSTANCE.getLogger().severe("Assuming client certificate is valid");
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] chain, String authType) {
                TaskRunner.INSTANCE.getLogger().severe("Assuming server certificate is valid");
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        }};
    }

    public final Certificate getCert() throws CertificateException {
        byte[] bArr;
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Base64.Decoder decoder = Base64.getDecoder();
        String androidCert = Application.INSTANCE.getAndroidCert();
        if (androidCert != null) {
            bArr = androidCert.getBytes(Charsets.UTF_8);
            Intrinsics.checkNotNullExpressionValue(bArr, "getBytes(...)");
        } else {
            bArr = null;
        }
        Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(decoder.decode(bArr)));
        Intrinsics.checkNotNullExpressionValue(generateCertificate, "generateCertificate(...)");
        return generateCertificate;
    }

    public final synchronized KeyManager[] getKeyManagers() throws GeneralSecurityException {
        KeyManager[] keyManagers;
        if (this.mKeyStore == null) {
            throw new NullPointerException("null mKeyStore");
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        KeyStore keyStore = this.mKeyStore;
        char[] charArray = "".toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "toCharArray(...)");
        keyManagerFactory.init(keyStore, charArray);
        keyManagers = keyManagerFactory.getKeyManagers();
        Intrinsics.checkNotNullExpressionValue(keyManagers, "getKeyManagers(...)");
        return keyManagers;
    }

    public final synchronized TrustManager[] getTrustManagers() throws GeneralSecurityException {
        TrustManager[] trustManagers;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(this.mKeyStore);
        trustManagers = trustManagerFactory.getTrustManagers();
        Intrinsics.checkNotNullExpressionValue(trustManagers, "getTrustManagers(...)");
        return trustManagers;
    }

    public final boolean hasServerIdentityAlias() {
        try {
            KeyStore keyStore = this.mKeyStore;
            Intrinsics.checkNotNull(keyStore);
            if (keyStore.containsAlias(LOCAL_IDENTITY_ALIAS)) {
                return true;
            }
            Log.e(LOG_TAG, "Key store missing identity for anymote-remote");
            return false;
        } catch (KeyStoreException e) {
            Log.e(LOG_TAG, "Key store exception occurred", e);
            return false;
        }
    }

    public final void initializeKeyStore(String id) {
        Intrinsics.checkNotNullParameter(id, "id");
        clearKeyStore();
        try {
            Log.v(LOG_TAG, "Generating key pair ...");
            KeyPair generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
            Log.v(LOG_TAG, "Generating certificate ...");
            String certificateName = INSTANCE.getCertificateName(id);
            Intrinsics.checkNotNull(generateKeyPair);
            Certificate[] certificateArr = {generateSelfSignedCertificate(generateKeyPair, certificateName)};
            Log.v(LOG_TAG, "Adding key to keystore  ...");
            KeyStore keyStore = this.mKeyStore;
            Intrinsics.checkNotNull(keyStore);
            keyStore.setKeyEntry(LOCAL_IDENTITY_ALIAS, generateKeyPair.getPrivate(), null, certificateArr);
            Log.d(LOG_TAG, "Key added!");
            store(this.mKeyStore);
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("Unable to create identity KeyStore", e);
        }
    }

    public final void setCert(Certificate cert) throws CertificateEncodingException {
        Intrinsics.checkNotNullParameter(cert, "cert");
        Application.Companion companion = Application.INSTANCE;
        byte[] encode = Base64.getEncoder().encode(cert.getEncoded());
        Intrinsics.checkNotNullExpressionValue(encode, "encode(...)");
        companion.setAndroidCert(new String(encode, Charsets.UTF_8));
    }

    public final synchronized void store() {
        store(this.mKeyStore);
    }

    public final synchronized void storeCertificate(Certificate peerCert) {
        Intrinsics.checkNotNullParameter(peerCert, "peerCert");
        try {
            StringCompanionObject stringCompanionObject = StringCompanionObject.INSTANCE;
            String format = String.format(REMOTE_IDENTITY_ALIAS_PATTERN, Arrays.copyOf(new Object[]{Integer.valueOf(peerCert.hashCode())}, 1));
            Intrinsics.checkNotNullExpressionValue(format, "format(...)");
            KeyStore keyStore = this.mKeyStore;
            Intrinsics.checkNotNull(keyStore);
            if (keyStore.containsAlias(format)) {
                Log.w(LOG_TAG, "Deleting existing entry for " + format);
                this.mKeyStore.deleteEntry(format);
            }
            Log.i(LOG_TAG, "Adding cert to keystore: " + format);
            this.mKeyStore.setCertificateEntry(format, peerCert);
            store();
        } catch (KeyStoreException e) {
            Log.e(LOG_TAG, "Storing cert failed", e);
        }
    }
}
