package r4;

import android.util.Log;
import h5.d;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.Socket;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.holylobster.nuntius.activity.SettingsActivity;

/* loaded from: classes.dex */
public abstract class b {

    /* renamed from: a, reason: collision with root package name */
    private static final Provider f20108a = new k5.a();

    /* renamed from: b, reason: collision with root package name */
    static final Date f20109b = new Date(System.currentTimeMillis() - 31536000000L);

    /* renamed from: c, reason: collision with root package name */
    static final Date f20110c = new Date(253402300799000L);

    /* renamed from: d, reason: collision with root package name */
    private static final char[] f20111d = null;

    /* renamed from: e, reason: collision with root package name */
    private static final String f20112e = b.class.getSimpleName();

    /* renamed from: r4.b$b, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    private static class C0099b implements X509KeyManager {
        private C0099b() {
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return "nuntius";
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            Log.i(b.f20112e, "getCertificateChain for " + str);
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                return new X509Certificate[]{(X509Certificate) keyStore.getCertificate(str)};
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e6) {
                Log.e(b.f20112e, "Error during getCertificateChain(" + str + ")", e6);
                return null;
            }
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return new String[0];
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            Log.i(b.f20112e, "getPrivateKey for " + str);
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                return (PrivateKey) keyStore.getKey(str, null);
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e6) {
                Log.e(b.f20112e, "Error during getPrivateKey(" + str + ")", e6);
                return null;
            }
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return new String[]{"nuntius"};
        }
    }

    /* loaded from: classes.dex */
    private static class c implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        private final File f20113a;

        /* renamed from: b, reason: collision with root package name */
        private X509TrustManager f20114b;

        public c(File file) {
            this.f20113a = file;
            d();
        }

        private byte[] a(X509Certificate x509Certificate) {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
            messageDigest.reset();
            return messageDigest.digest(x509Certificate.getEncoded());
        }

        private KeyStore b() {
            FileInputStream fileInputStream;
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            FileInputStream fileInputStream2 = null;
            if (this.f20113a.exists()) {
                Log.i(b.f20112e, "Loading certificates from Trust store (" + this.f20113a + ")");
                try {
                    fileInputStream = new FileInputStream(this.f20113a);
                } catch (Throwable th) {
                    th = th;
                }
                try {
                    keyStore.load(fileInputStream, null);
                    try {
                        fileInputStream.close();
                    } catch (IOException unused) {
                    }
                } catch (Throwable th2) {
                    th = th2;
                    fileInputStream2 = fileInputStream;
                    if (fileInputStream2 != null) {
                        try {
                            fileInputStream2.close();
                        } catch (IOException unused2) {
                        }
                    }
                    throw th;
                }
            } else {
                Log.i(b.f20112e, "Creating custom Trust Manager " + this.f20113a.getAbsolutePath());
                keyStore.load(null, null);
                keyStore.store(new FileOutputStream(this.f20113a), null);
            }
            return keyStore;
        }

        private boolean c(X509Certificate x509Certificate) {
            r4.a U = SettingsActivity.U();
            if (U == null) {
                return false;
            }
            try {
            } catch (Exception e6) {
                Log.e(b.f20112e, "Error trying to pair a new certificate", e6);
            }
            if (!Arrays.equals(a(x509Certificate), U.b())) {
                Log.e(b.f20112e, "The fingerprint does NOT match!");
                return false;
            }
            Log.i(b.f20112e, "The fingerprint matches!");
            e(x509Certificate, U.a());
            d();
            return true;
        }

        private void d() {
            KeyStore b6 = b();
            Enumeration<String> aliases = b6.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Log.i(b.f20112e, "Trusted certificate " + nextElement + ": " + b6.getCertificate(nextElement));
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(b6);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            for (TrustManager trustManager : trustManagers) {
                if (trustManager instanceof X509TrustManager) {
                    this.f20114b = (X509TrustManager) trustManager;
                    return;
                }
            }
            throw new NoSuchAlgorithmException("No X509TrustManager in TrustManagerFactory");
        }

        private void e(Certificate certificate, String str) {
            KeyStore b6 = b();
            Log.i(b.f20112e, "Adding certificate ID " + str + " to Trust store (" + this.f20113a + "): " + certificate);
            b6.setCertificateEntry(str, certificate);
            b6.store(new FileOutputStream(this.f20113a), null);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            Log.i(b.f20112e, "Checking client certificate chain " + x509CertificateArr);
            try {
                this.f20114b.checkClientTrusted(x509CertificateArr, str);
            } catch (CertificateException e6) {
                if (!c(x509CertificateArr[0])) {
                    throw e6;
                }
                this.f20114b.checkClientTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            this.f20114b.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.f20114b.getAcceptedIssuers();
        }
    }

    public static void b() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Enumeration<String> aliases = keyStore.aliases();
        boolean z5 = false;
        while (aliases.hasMoreElements()) {
            if ("nuntius".equals(aliases.nextElement())) {
                String str = f20112e;
                Log.i(str, "Self Signed Certificate found in keystore");
                Log.i(str, "Key: " + keyStore.getKey("nuntius", f20111d));
                Log.i(str, "Certificate: " + keyStore.getCertificate("nuntius"));
                z5 = true;
            }
        }
        if (z5) {
            return;
        }
        String str2 = f20112e;
        Log.i(str2, "Self Signed Certificate not found in keystore. Generating a new one...");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(1024);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        c5.c cVar = new c5.c("CN=nuntius");
        X509Certificate a6 = new h5.c().a(new d(cVar, new BigInteger(64, new SecureRandom()), f20109b, f20110c, cVar, generateKeyPair.getPublic()).a(new m5.a("SHA256WithRSAEncryption").b(generateKeyPair.getPrivate())));
        a6.verify(generateKeyPair.getPublic());
        Log.i(str2, "Certificate generated: " + a6);
        keyStore.setKeyEntry("nuntius", generateKeyPair.getPrivate(), f20111d, new Certificate[]{a6});
    }

    public static SSLContext c(File file) {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(new KeyManager[]{new C0099b()}, new TrustManager[]{new c(file)}, null);
        return sSLContext;
    }
}
