package com.google.android.tv.remote.pairing;

import android.bluetooth.BluetoothAdapter;
import android.content.Context;
import android.os.Build;
import android.text.TextUtils;
import com.google.firebase.sessions.settings.RemoteSettings;
import com.google.polo.ssl.SslUtil;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.UUID;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public final class KeyStoreManager {

    /* renamed from: d, reason: collision with root package name */
    public static String f29934d = "AndroidKeyStore";

    /* renamed from: e, reason: collision with root package name */
    public static final char[] f29935e = "KeyStore_Password".toCharArray();

    /* renamed from: a, reason: collision with root package name */
    public final Context f29936a;

    /* renamed from: b, reason: collision with root package name */
    public final KeyStore f29937b;

    /* renamed from: c, reason: collision with root package name */
    public final DynamicTrustManager f29938c;

    /* loaded from: classes3.dex */
    public static class DynamicTrustManager implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        public X509TrustManager f29939a;

        public DynamicTrustManager(KeyStore keyStore) {
            reloadTrustManager(keyStore);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.f29939a.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.f29939a.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        public void reloadTrustManager(KeyStore keyStore) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                for (int i3 = 0; i3 < trustManagers.length; i3++) {
                    if (trustManagers[i3] instanceof X509TrustManager) {
                        this.f29939a = (X509TrustManager) trustManagers[i3];
                        return;
                    }
                }
                throw new IllegalStateException("No trust manager found");
            } catch (KeyStoreException | NoSuchAlgorithmException unused) {
            }
        }
    }

    public KeyStoreManager(Context context) {
        this.f29936a = context;
        KeyStore k10 = k();
        this.f29937b = k10;
        this.f29938c = new DynamicTrustManager(k10);
    }

    public static String b(String str) {
        return String.format("atvremote-remote-%s", str);
    }

    public static final String g(String str) {
        return "CN=atvremote/" + Build.PRODUCT + RemoteSettings.FORWARD_SLASH_STRING + Build.DEVICE + RemoteSettings.FORWARD_SLASH_STRING + Build.MODEL + RemoteSettings.FORWARD_SLASH_STRING + str;
    }

    public static String h(Certificate certificate) {
        X500Principal subjectX500Principal;
        if (!(certificate instanceof X509Certificate) || (subjectX500Principal = ((X509Certificate) certificate).getSubjectX500Principal()) == null) {
            return null;
        }
        return subjectX500Principal.getName();
    }

    public static final String i() {
        String str = Build.SERIAL;
        if (!TextUtils.isEmpty(str)) {
            return str;
        }
        String address = BluetoothAdapter.getDefaultAdapter().getAddress();
        return !TextUtils.isEmpty(address) ? address : UUID.randomUUID().toString();
    }

    public final void a() {
        try {
            Enumeration<String> aliases = this.f29937b.aliases();
            while (aliases.hasMoreElements()) {
                this.f29937b.deleteEntry(aliases.nextElement());
            }
        } catch (KeyStoreException unused) {
        }
        store();
    }

    public final void c(KeyStore keyStore) throws GeneralSecurityException {
        d(keyStore, "atvremote-local");
    }

    public void clear() {
        a();
        try {
            c(this.f29937b);
        } catch (GeneralSecurityException unused) {
        }
        store();
    }

    public final void d(KeyStore keyStore, String str) throws GeneralSecurityException {
        e(keyStore, str, i());
    }

    public final void e(KeyStore keyStore, String str, String str2) throws GeneralSecurityException {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
        keyStore.setKeyEntry(str, generateKeyPair.getPrivate(), null, new Certificate[]{SslUtil.generateX509V3Certificate(generateKeyPair, g(str2))});
    }

    public final KeyStore f() throws GeneralSecurityException {
        KeyStore keyStore;
        if (m()) {
            keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
            } catch (IOException e10) {
                throw new GeneralSecurityException("Unable to create empty keyStore", e10);
            }
        } else {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                keyStore.load(null, f29935e);
            } catch (IOException e11) {
                throw new GeneralSecurityException("Unable to create empty keyStore", e11);
            }
        }
        c(keyStore);
        return keyStore;
    }

    public KeyManager[] getKeyManagers() throws GeneralSecurityException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(this.f29937b, "".toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    public TrustManager[] getTrustManagers() throws GeneralSecurityException {
        try {
            return new DynamicTrustManager[]{this.f29938c};
        } catch (Exception e10) {
            throw new GeneralSecurityException(e10);
        }
    }

    public boolean hasServerIdentityAlias() {
        return j(this.f29937b);
    }

    public void initializeKeyStore() {
        initializeKeyStore(i());
    }

    public void initializeKeyStore(String str) {
        a();
        try {
            e(this.f29937b, "atvremote-remote", str);
            store();
        } catch (GeneralSecurityException e10) {
            throw new IllegalStateException("Unable to create identity KeyStore", e10);
        }
    }

    public final boolean j(KeyStore keyStore) {
        try {
            return keyStore.containsAlias("atvremote-local");
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    public final KeyStore k() {
        KeyStore keyStore;
        KeyStore keyStore2 = null;
        try {
            if (m()) {
                keyStore = KeyStore.getInstance(f29934d);
                keyStore.load(null);
            } else {
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(this.f29936a.openFileInput("atvremote.keystore"), f29935e);
            }
            keyStore2 = keyStore;
        } catch (IOException | GeneralSecurityException unused) {
        } catch (KeyStoreException e10) {
            throw new IllegalStateException("Unable to get default instance of KeyStore", e10);
        }
        if (keyStore2 != null && j(keyStore2)) {
            return keyStore2;
        }
        try {
            KeyStore f10 = f();
            l(f10);
            return f10;
        } catch (GeneralSecurityException e11) {
            throw new IllegalStateException("Unable to create identity KeyStore", e11);
        }
    }

    public final void l(KeyStore keyStore) {
        if (m()) {
            return;
        }
        try {
            FileOutputStream openFileOutput = this.f29936a.openFileOutput("atvremote.keystore", 0);
            keyStore.store(openFileOutput, f29935e);
            openFileOutput.close();
        } catch (IOException e10) {
            throw new IllegalStateException("Unable to store keyStore", e10);
        } catch (GeneralSecurityException e11) {
            throw new IllegalStateException("Unable to store keyStore", e11);
        }
    }

    public final boolean m() {
        return true;
    }

    public Certificate removeCertificate(String str) {
        try {
            String b10 = b(str);
            if (!this.f29937b.containsAlias(b10)) {
                return null;
            }
            Certificate certificate = this.f29937b.getCertificate(b10);
            this.f29937b.deleteEntry(b10);
            store();
            return certificate;
        } catch (KeyStoreException unused) {
            return null;
        }
    }

    public void store() {
        this.f29938c.reloadTrustManager(this.f29937b);
        l(this.f29937b);
    }

    public void storeCertificate(Certificate certificate) {
        storeCertificate(certificate, Integer.toString(certificate.hashCode()));
    }

    public void storeCertificate(Certificate certificate, String str) {
        try {
            String b10 = b(str);
            String h10 = h(certificate);
            if (this.f29937b.containsAlias(b10)) {
                this.f29937b.deleteEntry(b10);
            }
            if (h10 != null) {
                Enumeration<String> aliases = this.f29937b.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    String h11 = h(this.f29937b.getCertificate(nextElement));
                    if (h11 != null && h11.equals(h10)) {
                        StringBuilder sb2 = new StringBuilder();
                        sb2.append("Deleting entry for ");
                        sb2.append(nextElement);
                        sb2.append(" (");
                        sb2.append(h11);
                        sb2.append(")");
                        this.f29937b.deleteEntry(nextElement);
                    }
                }
            }
            this.f29937b.setCertificateEntry(b10, certificate);
            store();
        } catch (KeyStoreException unused) {
        }
    }
}
