package d.f.a.b.g.l;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Log;
import androidx.recyclerview.widget.RecyclerView;
import com.samsung.android.tvplus.api.gpm.ProvisioningManager;
import d.f.a.b.h.n.k1;
import f.c0.d.m;
import f.c0.d.y;
import f.v;
import java.io.ByteArrayInputStream;
import java.io.StringWriter;
import java.math.BigInteger;
import java.net.Socket;
import java.nio.charset.Charset;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* compiled from: CertificateHelper.kt */
/* loaded from: classes.dex */
public final class h {
    public static String a;

    /* renamed from: c, reason: collision with root package name */
    public static final h f13488c = new h();

    /* renamed from: b, reason: collision with root package name */
    public static final f.f f13487b = f.h.c(b.f13491b);

    /* compiled from: CertificateHelper.kt */
    /* loaded from: classes.dex */
    public static final class a extends X509ExtendedKeyManager {
        public final /* synthetic */ Context a;

        /* renamed from: b, reason: collision with root package name */
        public final /* synthetic */ X509Certificate f13489b;

        /* renamed from: c, reason: collision with root package name */
        public final /* synthetic */ KeyStore.PrivateKeyEntry f13490c;

        public a(Context context, X509Certificate x509Certificate, KeyStore.PrivateKeyEntry privateKeyEntry) {
            this.a = context;
            this.f13489b = x509Certificate;
            this.f13490c = privateKeyEntry;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return h.f13488c.i(this.a);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            X509Certificate x509Certificate = this.f13489b;
            if (x509Certificate != null) {
                return new X509Certificate[]{x509Certificate};
            }
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return new String[]{h.f13488c.i(this.a)};
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            KeyStore.PrivateKeyEntry privateKeyEntry = this.f13490c;
            if (privateKeyEntry != null) {
                return privateKeyEntry.getPrivateKey();
            }
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return null;
        }
    }

    /* compiled from: CertificateHelper.kt */
    /* loaded from: classes.dex */
    public static final class b extends m implements f.c0.c.a<d.f.a.b.h.q.a> {

        /* renamed from: b, reason: collision with root package name */
        public static final b f13491b = new b();

        public b() {
            super(0);
        }

        @Override // f.c0.c.a
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public final d.f.a.b.h.q.a c() {
            d.f.a.b.h.q.a aVar = new d.f.a.b.h.q.a();
            aVar.j("CertificateHelper");
            aVar.h(4);
            return aVar;
        }
    }

    public static /* synthetic */ void l(h hVar, Context context, KeyStore keyStore, int i2, Object obj) {
        if ((i2 & 2) != 0) {
            keyStore = null;
        }
        hVar.k(context, keyStore);
    }

    public final j.c.d.a b(KeyPair keyPair, String str) {
        y yVar = y.a;
        String format = String.format("O=Samsung Electronics,OU=SmartTV,CN=%s", Arrays.copyOf(new Object[]{str}, 1));
        f.c0.d.l.d(format, "java.lang.String.format(format, *args)");
        PrivateKey privateKey = keyPair.getPrivate();
        f.c0.d.l.d(privateKey, "keyPair.private");
        i iVar = new i(privateKey, "SHA256withRSA");
        j.c.a.b2.e eVar = new j.c.a.b2.e();
        eVar.a(j.c.a.b2.c.f19873d, true, new j.c.a.b2.b(true));
        j.c.d.c.a aVar = new j.c.d.c.a(new j.c.a.a2.c(format), keyPair.getPublic());
        aVar.a(j.c.a.z1.d.f19948k, eVar.c());
        j.c.d.a b2 = aVar.b(iVar);
        f.c0.d.l.d(b2, "JcaPKCS10CertificationRe…)\n        }.build(signer)");
        return b2;
    }

    public final byte[] c(Context context, String str) {
        f.c0.d.l.e(context, "context");
        f.c0.d.l.e(str, "certCommonName");
        if (a == null) {
            StringWriter stringWriter = new StringWriter();
            try {
                h hVar = f13488c;
                y yVar = y.a;
                String format = String.format("O=Samsung Electronics,OU=SmartTV,CN=%s", Arrays.copyOf(new Object[]{str}, 1));
                f.c0.d.l.d(format, "java.lang.String.format(format, *args)");
                j.c.e.e.b.b bVar = new j.c.e.e.b.b("CERTIFICATE REQUEST", f13488c.b(hVar.d(context, format), str).a());
                j.c.b.a.a aVar = new j.c.b.a.a(stringWriter);
                try {
                    aVar.b(bVar);
                    v vVar = v.a;
                    f.b0.a.a(aVar, null);
                    String stringWriter2 = stringWriter.toString();
                    f.b0.a.a(stringWriter, null);
                    a = stringWriter2;
                } finally {
                }
            } finally {
            }
        }
        String str2 = a;
        f.c0.d.l.c(str2);
        Charset charset = f.i0.c.a;
        if (str2 == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str2.getBytes(charset);
        f.c0.d.l.d(bytes, "(this as java.lang.String).getBytes(charset)");
        return bytes;
    }

    public final KeyPair d(Context context, String str) {
        Date date = new Date();
        Calendar gregorianCalendar = GregorianCalendar.getInstance();
        gregorianCalendar.roll(1, 3);
        Date time = gregorianCalendar.getTime();
        d.f.a.b.h.q.a f2 = f();
        boolean a2 = f2.a();
        if (d.f.a.b.h.q.b.b() || f2.b() <= 3 || a2) {
            String f3 = f2.f();
            StringBuilder sb = new StringBuilder();
            sb.append(f2.d());
            sb.append(d.f.a.b.h.t.a.e("key start time : " + date + ", end time : " + time, 0));
            Log.d(f3, sb.toString());
        }
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(i(context)).setKeySize(RecyclerView.s0.FLAG_MOVED).setSubject(new X500Principal(str)).setStartDate(date).setEndDate(time).setSerialNumber(BigInteger.TEN).build();
        f.c0.d.l.d(build, "KeyPairGeneratorSpec.Bui…TEN)\n            .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        f.c0.d.l.d(generateKeyPair, "KeyPairGenerator.getInst…teKeyPair()\n            }");
        return generateKeyPair;
    }

    public final KeyStore e() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        } catch (Exception e2) {
            d.f.a.b.h.q.a f2 = f();
            Log.e(f2.f(), f2.d() + d.f.a.b.h.t.a.e("Failed to getKeyStore", 0));
            e2.printStackTrace();
            return null;
        }
    }

    public final d.f.a.b.h.q.a f() {
        return (d.f.a.b.h.q.a) f13487b.getValue();
    }

    public final k1 g(Context context) {
        f.c0.d.l.e(context, "context");
        KeyStore e2 = e();
        X509TrustManager x509TrustManager = null;
        Certificate certificate = e2 != null ? e2.getCertificate(h(context)) : null;
        if (!(certificate instanceof X509Certificate)) {
            certificate = null;
        }
        X509Certificate x509Certificate = (X509Certificate) certificate;
        KeyStore.Entry entry = e2 != null ? e2.getEntry(i(context), null) : null;
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            entry = null;
        }
        a aVar = new a(context, x509Certificate, (KeyStore.PrivateKeyEntry) entry);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(e2);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        int i2 = 0;
        sSLContext.init(new a[]{aVar}, null, null);
        f.c0.d.l.d(trustManagerFactory, "tmf");
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        int length = trustManagers.length;
        while (true) {
            if (i2 >= length) {
                break;
            }
            TrustManager trustManager = trustManagers[i2];
            if (trustManager instanceof X509TrustManager) {
                x509TrustManager = (X509TrustManager) trustManager;
                break;
            }
            i2++;
        }
        f.c0.d.l.d(sSLContext, "sslContext");
        if (x509TrustManager != null) {
            return new k1(sSLContext, x509TrustManager);
        }
        throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509TrustManager");
    }

    public final String h(Context context) {
        return "TVPMobSigned" + ProvisioningManager.a.b(context).g().name();
    }

    public final String i(Context context) {
        return "TVPMobUnsigned" + ProvisioningManager.a.b(context).g().name();
    }

    public final boolean j(Context context) {
        f.c0.d.l.e(context, "context");
        KeyStore e2 = e();
        Certificate certificate = e2 != null ? e2.getCertificate(i(context)) : null;
        Certificate certificate2 = e2 != null ? e2.getCertificate(h(context)) : null;
        d.f.a.b.h.q.a f2 = f();
        boolean a2 = f2.a();
        if (d.f.a.b.h.q.b.b() || f2.b() <= 4 || a2) {
            String f3 = f2.f();
            StringBuilder sb = new StringBuilder();
            sb.append(f2.d());
            sb.append(d.f.a.b.h.t.a.e("server alias : " + ProvisioningManager.a.b(context).g().name(), 0));
            Log.i(f3, sb.toString());
        }
        d.f.a.b.h.q.a f4 = f();
        boolean a3 = f4.a();
        if (d.f.a.b.h.q.b.b() || f4.b() <= 4 || a3) {
            String f5 = f4.f();
            StringBuilder sb2 = new StringBuilder();
            sb2.append(f4.d());
            StringBuilder sb3 = new StringBuilder();
            sb3.append("check existence. unsigned : ");
            sb3.append(certificate != null);
            sb3.append(", signed : ");
            sb3.append(certificate2 != null);
            sb2.append(d.f.a.b.h.t.a.e(sb3.toString(), 0));
            Log.i(f5, sb2.toString());
        }
        if (certificate != null && certificate2 != null) {
            return true;
        }
        k(context, e2);
        return false;
    }

    public final void k(Context context, KeyStore keyStore) {
        f.c0.d.l.e(context, "context");
        d.f.a.b.h.q.a f2 = f();
        boolean a2 = f2.a();
        if (d.f.a.b.h.q.b.b() || f2.b() <= 4 || a2) {
            Log.i(f2.f(), f2.d() + d.f.a.b.h.t.a.e("removeCertificate", 0));
        }
        if (keyStore == null) {
            keyStore = e();
        }
        if (keyStore != null) {
            try {
                if (keyStore.getEntry(i(context), null) != null) {
                    keyStore.deleteEntry(f13488c.i(context));
                }
            } catch (Exception e2) {
                d.f.a.b.h.q.a f3 = f();
                String f4 = f3.f();
                StringBuilder sb = new StringBuilder();
                sb.append(f3.d());
                sb.append(d.f.a.b.h.t.a.e("removeCertificate. error:" + e2, 0));
                Log.e(f4, sb.toString());
            }
        }
        if (keyStore != null && keyStore.getEntry(h(context), null) != null) {
            keyStore.deleteEntry(f13488c.h(context));
        }
        a = null;
    }

    public final void m(Context context, String str) {
        f.c0.d.l.e(context, "context");
        f.c0.d.l.e(str, "signedCert");
        d.f.a.b.h.q.a f2 = f();
        boolean a2 = f2.a();
        if (d.f.a.b.h.q.b.b() || f2.b() <= 4 || a2) {
            Log.i(f2.f(), f2.d() + d.f.a.b.h.t.a.e("saveCertificate", 0));
        }
        KeyStore e2 = e();
        if (e2 != null) {
            byte[] bytes = str.getBytes(f.i0.c.a);
            f.c0.d.l.d(bytes, "(this as java.lang.String).getBytes(charset)");
            e2.setCertificateEntry(f13488c.h(context), CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bytes)));
        }
    }
}
