package com.worklight.common.security;

import android.content.Context;
import android.util.Base64;
import com.bumptech.glide.load.Key;
import com.worklight.common.Logger;
import com.worklight.common.WLConfig;
import com.worklight.utils.WLBase64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import org.apache.commons.httpclient.cookie.CookieSpec;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public abstract class WLCertManager {
    protected static final String ALG = "alg";
    private static final String APPLICATION = "application";
    protected static final String E = "e";
    protected static final String JWK = "jwk";
    protected static final String KTY = "kty";
    protected static final String N = "n";
    protected static final String RSA = "RSA";
    protected static final String X5C = "x5c";
    private String KEYSTORE_FILENAME;
    protected Context context;
    protected HashMap<String, KeyPair> keyPairHash = new HashMap<>();
    private char[] keyStorePassword;
    protected static Logger logger = Logger.getInstance("wl.certManager");
    private static boolean first = true;

    /* JADX INFO: Access modifiers changed from: protected */
    public WLCertManager(String str, char[] cArr) {
        this.KEYSTORE_FILENAME = str;
        this.keyStorePassword = cArr;
    }

    private KeyStore loadKeystore() throws KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File file = new File(this.context.getFilesDir().getAbsolutePath() + CookieSpec.PATH_DELIM + this.KEYSTORE_FILENAME);
        if (file.exists()) {
            try {
            } catch (IOException e) {
                e = e;
            } catch (NoSuchAlgorithmException e2) {
                e = e2;
            } catch (CertificateException e3) {
                e = e3;
            }
            try {
                keyStore.load(new FileInputStream(file), this.keyStorePassword);
            } catch (IOException e4) {
                e = e4;
                throw new Error(e);
            } catch (NoSuchAlgorithmException e5) {
                e = e5;
                throw new Error(e);
            } catch (CertificateException e6) {
                e = e6;
                throw new Error(e);
            }
        }
        return keyStore;
    }

    private byte[] signCsrData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return signature.sign();
    }

    /* JADX WARN: Removed duplicated region for block: B:21:0x009b A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:29:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:30:0x0096 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:41:0x0142 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:46:0x013d A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void clearKeystore(java.lang.String r13) throws java.security.KeyStoreException {
        /*
            Method dump skipped, instructions count: 416
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.clearKeystore(java.lang.String):void");
    }

    public KeyPair generateKeyPair(String str, int i) throws NoSuchAlgorithmException, IOException, NoSuchProviderException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        keyPairGenerator.initialize(i);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        if (genKeyPair != null) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
            objectOutputStream.writeObject(genKeyPair);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            int length = byteArray.length;
            WLConfig.getInstance().writeSecurityPref(getAlias(str), Base64.encodeToString(byteArray, 0));
            objectOutputStream.close();
            byteArrayOutputStream.close();
            this.keyPairHash.put(getAlias(str), genKeyPair);
        }
        return genKeyPair;
    }

    protected abstract String getAlias(String str);

    public KeyPair getKeyPair(String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException, IOException, ClassNotFoundException {
        String alias = getAlias(str);
        if (this.keyPairHash.get(alias) == null) {
            String readSecurityPref = WLConfig.getInstance().readSecurityPref(getAlias(str));
            if (readSecurityPref == null) {
                logger.debug("There is no KeyPair in memory-getKeyPair");
                return null;
            }
            byte[] decode = Base64.decode(readSecurityPref, 0);
            int length = decode.length;
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decode);
                ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
                Object readObject = objectInputStream.readObject();
                if (readObject instanceof KeyPair) {
                    this.keyPairHash.put(alias, (KeyPair) readObject);
                }
                objectInputStream.close();
                byteArrayInputStream.close();
            } catch (IOException e) {
                e.printStackTrace();
                return null;
            }
        }
        return this.keyPairHash.get(alias);
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x00c7  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected java.security.KeyStore.PrivateKeyEntry getPrivateKeyEntry(java.lang.String r26) throws java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, android.content.pm.PackageManager.NameNotFoundException, java.security.UnrecoverableEntryException {
        /*
            Method dump skipped, instructions count: 568
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.getPrivateKeyEntry(java.lang.String):java.security.KeyStore$PrivateKeyEntry");
    }

    public void init(Context context) {
        this.context = context;
    }

    /* JADX WARN: Removed duplicated region for block: B:18:0x0180 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:26:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:27:0x017b A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:37:0x01a9 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:42:0x01a4 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void removeEntityKeyStoreValues(java.lang.String r20) throws java.security.KeyStoreException {
        /*
            Method dump skipped, instructions count: 599
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.removeEntityKeyStoreValues(java.lang.String):void");
    }

    public String signCsr(JSONObject jSONObject, String str) throws Exception {
        KeyPair keyPair = this.keyPairHash.get(getAlias(str));
        return signJWS(jSONObject, (RSAPublicKey) keyPair.getPublic(), keyPair.getPrivate(), null);
    }

    protected byte[] signData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return signature.sign();
    }

    public String signJWS(JSONObject jSONObject, RSAPublicKey rSAPublicKey, PrivateKey privateKey, String str) throws JSONException, UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put(ALG, "RS256");
        JSONObject jSONObject3 = new JSONObject();
        jSONObject3.put(KTY, "RSA");
        jSONObject3.put(N, WLBase64.encodeUrlSafe(rSAPublicKey.getModulus().toByteArray(), Key.STRING_CHARSET_NAME));
        jSONObject3.put(E, WLBase64.encodeUrlSafe(rSAPublicKey.getPublicExponent().toByteArray(), Key.STRING_CHARSET_NAME));
        if (str != null) {
            jSONObject3.put("kid", str);
        }
        jSONObject2.put(JWK, jSONObject3);
        String str2 = WLBase64.encodeUrlSafe(jSONObject2.toString().getBytes(), Key.STRING_CHARSET_NAME) + "." + WLBase64.encodeUrlSafe(jSONObject.toString().getBytes(), Key.STRING_CHARSET_NAME);
        return str2 + "." + WLBase64.encodeUrlSafe(signCsrData(str2, privateKey), Key.STRING_CHARSET_NAME);
    }
}
