package com.centrify.android.utils;

import android.content.Context;
import android.util.Base64;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.AppConfig;
import com.centrify.android.centrifypreference.CentrifyPreferenceUtils;
import com.centrify.android.centrifypreference.KeyConstants;
import com.centrify.android.keystore.KeyStoreManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import org.apache.commons.lang3.StringUtils;
import org.spongycastle.cert.jcajce.JcaCertStore;
import org.spongycastle.cms.CMSException;
import org.spongycastle.cms.CMSProcessableByteArray;
import org.spongycastle.cms.CMSSignedDataGenerator;
import org.spongycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.spongycastle.util.Store;

/* loaded from: classes.dex */
public final class KeyStoreUtils {
    private static final String TAG = "KeyStoreUtils";

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    private KeyStoreUtils() {
    }

    public static X509Certificate certificateFromPkcs12(KeyStore keyStore) throws KeyStoreException {
        String str = "";
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            str = aliases.nextElement();
            if (keyStore.isKeyEntry(str)) {
                break;
            }
        }
        return (X509Certificate) keyStore.getCertificate(str);
    }

    public static X509Certificate certificateFromPkcs12(KeyStore keyStore, String str) throws KeyStoreException {
        String trim = str.trim();
        boolean containsAlias = keyStore.containsAlias(trim);
        LogUtil.info(TAG, "isCertPresent" + containsAlias);
        if (containsAlias) {
            return (X509Certificate) keyStore.getCertificate(trim);
        }
        return null;
    }

    public static byte[] generateCertWithNewPassword(Context context, String str, char[] cArr, char[] cArr2) {
        return generateCertWithNewPassword(loadCertFromFile(context, str, cArr), cArr2);
    }

    public static byte[] generateCertWithNewPassword(KeyStore keyStore, char[] cArr) {
        ByteArrayOutputStream byteArrayOutputStream;
        ByteArrayOutputStream byteArrayOutputStream2 = null;
        try {
            if (keyStore != null) {
                try {
                    byteArrayOutputStream = new ByteArrayOutputStream();
                } catch (IOException e) {
                    e = e;
                } catch (KeyStoreException e2) {
                    e = e2;
                } catch (NoSuchAlgorithmException e3) {
                    e = e3;
                } catch (CertificateException e4) {
                    e = e4;
                }
                try {
                    keyStore.store(byteArrayOutputStream, cArr);
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    IOUtils.closeSilently(byteArrayOutputStream);
                    return byteArray;
                } catch (IOException e5) {
                    e = e5;
                    byteArrayOutputStream2 = byteArrayOutputStream;
                    LogUtil.error(TAG, e.getMessage(), e);
                    IOUtils.closeSilently(byteArrayOutputStream2);
                    return null;
                } catch (KeyStoreException e6) {
                    e = e6;
                    byteArrayOutputStream2 = byteArrayOutputStream;
                    LogUtil.error(TAG, e.getMessage(), e);
                    IOUtils.closeSilently(byteArrayOutputStream2);
                    return null;
                } catch (NoSuchAlgorithmException e7) {
                    e = e7;
                    byteArrayOutputStream2 = byteArrayOutputStream;
                    LogUtil.error(TAG, e.getMessage(), e);
                    IOUtils.closeSilently(byteArrayOutputStream2);
                    return null;
                } catch (CertificateException e8) {
                    e = e8;
                    byteArrayOutputStream2 = byteArrayOutputStream;
                    LogUtil.error(TAG, e.getMessage(), e);
                    IOUtils.closeSilently(byteArrayOutputStream2);
                    return null;
                } catch (Throwable th) {
                    th = th;
                    byteArrayOutputStream2 = byteArrayOutputStream;
                    IOUtils.closeSilently(byteArrayOutputStream2);
                    throw th;
                }
            }
            IOUtils.closeSilently(null);
            return null;
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static KeyStore generateKeyStore(String str, char[] cArr) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
        return generateKeyStore(Base64.decode(str, 0), cArr);
    }

    public static KeyStore generateKeyStore(byte[] bArr, char[] cArr) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
        ByteArrayInputStream byteArrayInputStream;
        KeyStore keyStore = KeyStore.getInstance("PKCS12", AppConfig.SECURITY_PROVIDER);
        ByteArrayInputStream byteArrayInputStream2 = null;
        try {
            byteArrayInputStream = new ByteArrayInputStream(bArr);
        } catch (Throwable th) {
            th = th;
        }
        try {
            keyStore.load(byteArrayInputStream, cArr);
            IOUtils.closeSilently(byteArrayInputStream);
            return keyStore;
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream2 = byteArrayInputStream;
            IOUtils.closeSilently(byteArrayInputStream2);
            throw th;
        }
    }

    public static char[] getSecretInUse(Context context) {
        return CentrifyPreferenceUtils.getBoolean(KeyConstants.PREF_PREFERRED_SECRET, false) ? DeviceUtils.getDeviceUDID(context).toCharArray() : KeyStoreManager.LOCAL_CERT_PASSWORD;
    }

    public static boolean isLocalStorageUsed(Context context) {
        return context.getFileStreamPath(KeyStoreManager.USER_CERT).exists();
    }

    private static KeyStore loadCertFromFile(Context context, String str, char[] cArr) {
        KeyStore keyStore = null;
        FileInputStream fileInputStream = null;
        try {
            if (context.getFileStreamPath(str).exists()) {
                fileInputStream = context.openFileInput(str);
                keyStore = KeyStore.getInstance("PKCS12", AppConfig.SECURITY_PROVIDER);
                keyStore.load(fileInputStream, cArr);
            }
        } catch (Exception e) {
            keyStore = null;
            LogUtil.error(TAG, e.getMessage(), e);
        } finally {
            IOUtils.closeSilently(fileInputStream);
        }
        return keyStore;
    }

    public static Key privateKeyFromPkcs12(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String str = "";
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            str = aliases.nextElement();
            if (keyStore.isKeyEntry(str)) {
                break;
            }
        }
        return keyStore.getKey(str.trim(), null);
    }

    public static Key privateKeyFromPkcs12(KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String trim = str.trim();
        LogUtil.info(TAG, "privateKeyFromPkcs12 is cert present" + keyStore.containsAlias(str) + ":" + str);
        return keyStore.getKey(trim, null);
    }

    public static byte[] signWithCert(byte[] bArr, X509Certificate x509Certificate, PrivateKey privateKey, String str) throws OperatorCreationException, CertificateEncodingException, CMSException, IOException {
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        if (StringUtils.isEmpty(str)) {
            cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).build(new JcaContentSignerBuilder("SHA1withRSA").build(privateKey), x509Certificate));
        } else {
            cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(str).build()).build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(str).build(privateKey), x509Certificate));
        }
        cMSSignedDataGenerator.addCertificates(x509StoreWithCertificate(x509Certificate));
        return cMSSignedDataGenerator.generate(new CMSProcessableByteArray(bArr), true).getEncoded();
    }

    public static char[] usePreferredSecret(Context context) {
        CentrifyPreferenceUtils.putBoolean(KeyConstants.PREF_PREFERRED_SECRET, true);
        return DeviceUtils.getDeviceUDID(context).toCharArray();
    }

    private static Store x509StoreWithCertificate(X509Certificate x509Certificate) throws CertificateEncodingException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(x509Certificate);
        return new JcaCertStore(arrayList);
    }
}
