package hu.microsec.authenticator;

import android.content.Context;
import android.content.res.Resources;
import android.os.Build;
import com.dd.plist.ASCIIPropertyListParser;
import hu.microsec.authenticator.util.CertificateType;
import hu.microsec.authenticator.util.CertificateUtil;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
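/**
 * Process-wide manager for the application's key and certificate stores.
 *
 * <p>All stores are files in the application's private file area, opened through the
 * {@link Context} supplied to {@link #setApplicationContext(Context)}:
 * <ul>
 *   <li>{@code cert.store} - index of user certificates, one entry per key store name;</li>
 *   <li>{@code trust.store} - trusted CA certificates, only used when {@link #useCustomStores()}
 *       is true;</li>
 *   <li>{@code dummy.store} - an empty store protected by the derived master password, used to
 *       verify the master password on later runs;</li>
 *   <li>one PKCS#12 file per user key, named after the certificate-store alias.</li>
 * </ul>
 *
 * <p>Every method that touches a file dereferences the context, so
 * {@link #setApplicationContext(Context)} has to be called first. Nothing in this class is
 * synchronized; the lazily initialised fields are written without any locking.
 */
public class KeyStoreManager {
    /** Alias under which the private key is stored inside each per-key PKCS#12 file. */
    public static final String ALIAS = "androidteszt";
    private static final String CERT_STORE_NAME = "cert.store";
    private static final String DUMMY_STORE_NAME = "dummy.store";
    private static final String TRUST_STORE_NAME = "trust.store";
    private static final Logger LOGGER = LoggerFactory.getLogger(KeyStoreManager.class);

    // SECURITY: both passwords are compile-time constants shipped in the APK. They satisfy the
    // KeyStore API but give no confidentiality or tamper protection for cert.store/trust.store;
    // these two files hold certificates only, and their integrity rests on the app-private
    // storage they are written to (see saveStore).
    private static final char[] CERT_STORE_PWD = "certificates".toCharArray();
    private static final char[] TRUST_STORE_PWD = "certificates".toCharArray();

    private Context context;
    // Hex encoding of the SHA-1 digest of the user's password, never the password itself.
    private char[] masterPassword;
    private KeyStore certStore = null;
    private KeyStore trustStore = null;

    /** Initialization-on-demand holder for the shared instance. */
    private static class KeyStoreManagerHolder {
        public static final KeyStoreManager INSTANCE = new KeyStoreManager();

        private KeyStoreManagerHolder() {
        }
    }

    /**
     * Encodes each char as two bytes, high byte first.
     *
     * @param cArr characters to encode
     * @return a new array of {@code 2 * cArr.length} bytes
     */
    private byte[] charsToBytes(char[] cArr) {
        byte[] bArr = new byte[cArr.length * 2];
        for (int i = 0; i < cArr.length; i++) {
            bArr[i * 2] = (byte) (cArr[i] >> 8);
            bArr[(i * 2) + 1] = (byte) cArr[i];
        }
        return bArr;
    }

    /**
     * Tells whether a file with the given name exists in the application's private file area.
     *
     * @param str file name to look for
     * @return true if {@code Context.fileList()} contains exactly that name
     */
    private boolean checkFile(String str) {
        String[] fileList = this.context.fileList();
        if (fileList == null) {
            return false;
        }
        for (String str2 : fileList) {
            if (str.equals(str2)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Copies the certificate of every alias in {@code keyStore} into {@code keyStore2} under the
     * same alias, replacing an existing entry with that alias.
     */
    private void copyCerts(KeyStore keyStore, KeyStore keyStore2) throws Exception {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            LOGGER.info("Copy certificate: {}", nextElement);
            keyStore2.setCertificateEntry(nextElement, keyStore.getCertificate(nextElement));
        }
    }

    /** Returns the shared instance. */
    public static KeyStoreManager getInstance() {
        return KeyStoreManagerHolder.INSTANCE;
    }

    /**
     * Loads the BKS key store bundled as the raw resource {@code R.raw.microsec}.
     *
     * <p>SECURITY: the store password is a literal in the code, so it only serves the BKS
     * integrity check against accidental corruption; anyone able to repackage the APK can replace
     * the resource and recompute the check.
     */
    private KeyStore getMscDonorKeystore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, Resources.NotFoundException, IOException {
        KeyStore keyStore = KeyStore.getInstance("BKS");
        InputStream resource = this.context.getResources().openRawResource(R.raw.microsec);
        try {
            keyStore.load(resource, "123456".toCharArray());
        } finally {
            // The original never closed the resource stream.
            IOUtils.closeQuietly(resource);
        }
        return keyStore;
    }

    /**
     * Builds the custom trust store from the bundled donor certificates plus the platform CA
     * store at {@code /system/etc/security/cacerts.bks} (when readable) and saves it as
     * {@code trust.store}.
     *
     * <p>The platform store is opened with a fixed list of candidate passwords. If none of them
     * works the failure is only logged and the trust store keeps the donor certificates alone.
     */
    private void initTrustStore() throws Exception {
        KeyStore mscDonorKeystore = getMscDonorKeystore();
        this.trustStore = loadStore(TRUST_STORE_NAME, TRUST_STORE_PWD);
        copyCerts(mscDonorKeystore, this.trustStore);
        File file = new File("/system/etc/security/cacerts.bks");
        if (file.canRead()) {
            String[] candidates = {"changeit", "", "ez24get"};
            boolean loaded = false;
            for (String candidate : candidates) {
                FileInputStream in = null;
                try {
                    in = new FileInputStream(file);
                    KeyStore systemStore = KeyStore.getInstance("BKS");
                    systemStore.load(in, candidate.toCharArray());
                    copyCerts(systemStore, this.trustStore);
                    loaded = true;
                } catch (Exception e) {
                    LOGGER.warn("Failed to load system trust store: {}", e.getMessage());
                } finally {
                    if (in != null) {
                        try {
                            in.close();
                        } catch (IOException e) {
                            LOGGER.warn("Failed to close input stream: {}", file.getName());
                        }
                    }
                }
                if (loaded) {
                    // Stop at the first password that works; trying the remaining candidates
                    // only produced misleading "Failed to load" warnings.
                    break;
                }
            }
            if (!loaded) {
                LOGGER.error("Failed to load system trust store!");
            }
        }
        saveStore(TRUST_STORE_NAME, this.trustStore, TRUST_STORE_PWD);
    }

    /**
     * Loads a PKCS#12 store from the application's private file area.
     *
     * @param str  file name of the store
     * @param cArr store password
     * @return the loaded store, or a new empty store when the file does not exist
     * @throws Exception if the store cannot be created or loaded (for example wrong password)
     */
    private KeyStore loadStore(String str, char[] cArr) throws Exception {
        // NOTE(review): getKeyStore() can pass a null password here when no master password is
        // set. Whether a provider then skips the PKCS#12 integrity check or rejects the call is
        // provider-specific - confirm on the target platform before relying on it.
        FileInputStream fileInputStream = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            try {
                fileInputStream = this.context.openFileInput(str);
                keyStore.load(fileInputStream, cArr);
            } catch (FileNotFoundException e) {
                LOGGER.warn("Store {} does not exists", str);
                keyStore.load(null, null);
            }
            return keyStore;
        } catch (Exception e) {
            LOGGER.error("Failed to create store {}", str, e);
            throw e;
        } finally {
            // Single close point: the original closed the stream twice on the success path and
            // reported close failures as an "output stream" problem.
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e) {
                    LOGGER.error("Failed to close file input stream for store {}", str, e);
                }
            }
        }
    }

    /** Persists the certificate index to {@code cert.store}. */
    private void saveCertStore() throws Exception {
        saveStore(CERT_STORE_NAME, this.certStore, CERT_STORE_PWD);
    }

    /**
     * Writes a store to the application's private file area, replacing any existing file.
     *
     * @param str      file name of the store
     * @param keyStore store to write
     * @param cArr     store password
     * @throws IllegalArgumentException if any argument is null
     * @throws Exception                if the store cannot be written
     */
    private void saveStore(String str, KeyStore keyStore, char[] cArr) throws Exception {
        if (keyStore == null) {
            throw new IllegalArgumentException("Store is null.");
        }
        if (cArr == null) {
            throw new IllegalArgumentException("Passwd is null.");
        }
        if (str == null) {
            throw new IllegalArgumentException("Name is null.");
        }
        FileOutputStream fileOutputStream = null;
        try {
            // MODE_PRIVATE (0 in the original): the file is accessible to this app only.
            fileOutputStream = this.context.openFileOutput(str, Context.MODE_PRIVATE);
            keyStore.store(fileOutputStream, cArr);
            fileOutputStream.flush();
        } catch (Exception e) {
            LOGGER.error("Failed to save store {}", str, e);
            throw e;
        } finally {
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException e) {
                    LOGGER.error("Failed to close file output stream {}", str, e);
                }
            }
        }
    }

    /** Overwrites the derived master password in place and drops the reference to it. */
    private void wipeMasterPassword() {
        if (this.masterPassword != null) {
            // The fill character is whatever the decompiler resolved the original literal to;
            // any value works, the point is overwriting the derived secret before releasing it.
            Arrays.fill(this.masterPassword, ASCIIPropertyListParser.DATA_GSOBJECT_BEGIN_TOKEN);
        }
        this.masterPassword = null;
    }

    /** Tells whether {@code name} is one of the file names this class uses for its own stores. */
    private static boolean isReservedName(String name) {
        return CERT_STORE_NAME.equals(name)
                || TRUST_STORE_NAME.equals(name)
                || DUMMY_STORE_NAME.equals(name);
    }

    /**
     * Collects the hex-encoded fingerprints (as computed by {@code CertificateUtil}) of every
     * certificate in the given store.
     */
    private static HashSet<String> fingerprintsOf(KeyStore store) throws Exception {
        HashSet<String> fingerprints = new HashSet<String>();
        Enumeration<String> aliases = store.aliases();
        while (aliases.hasMoreElements()) {
            X509Certificate cert = (X509Certificate) store.getCertificate(aliases.nextElement());
            fingerprints.add(new String(Hex.encodeHex(CertificateUtil.getFingerprint(cert))));
        }
        return fingerprints;
    }

    /**
     * Tells whether the app maintains its own trust store file.
     *
     * @return true on API levels below 14; from API 14 on {@link #getTrustStore()} uses the
     *         platform {@code AndroidCAStore} instead
     */
    public static boolean useCustomStores() {
        return Build.VERSION.SDK_INT < Build.VERSION_CODES.ICE_CREAM_SANDWICH;
    }

    /** Overwrites the derived master password held in memory and forgets it. */
    public void clearMasterPassword() {
        LOGGER.debug("clearing master password");
        wipeMasterPassword();
    }

    /**
     * Creates a PKCS#12 file named {@code str} holding {@code key} under {@link #ALIAS}, reads it
     * back to validate it, and registers the first certificate of the chain in the certificate
     * index under the same name.
     *
     * @param str            name of the new key store; used both as file name and as index alias
     * @param key            private key to store
     * @param certificateArr certificate chain of the key; element 0 is indexed
     * @param cArr           password protecting the key entry and the store file
     * @return the in-memory key store that was written
     * @throws KeyStoreException if the name is already indexed or is reserved for an internal store
     * @throws Exception         if creating, validating or indexing the store fails
     */
    public KeyStore createKeyStore(String str, Key key, Certificate[] certificateArr, char[] cArr) throws Exception {
        // NOTE(review): getKeyStore() reopens this file with the master password, so cArr is
        // presumably expected to be getMasterPassword() - confirm against callers.
        if (isReservedName(str)) {
            // Key store files share one directory with cert.store, trust.store and dummy.store;
            // without this check a key named like one of them would overwrite that store.
            LOGGER.error("name is reserved: {}", str);
            throw new KeyStoreException("name is reserved: " + str);
        }
        if (getCertStore().containsAlias(str)) {
            LOGGER.error("name already exists: {}", str);
            throw new KeyStoreException("name already exists: " + str);
        }
        final KeyStore keyStore;
        try {
            keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            keyStore.setKeyEntry(ALIAS, key, cArr, certificateArr);
            saveStore(str, keyStore, cArr);
        } catch (Exception e) {
            LOGGER.error("Failed to create key store", e);
            throw e;
        }

        // Read the file back with the same password so an unreadable store is detected before
        // the name is added to the index.
        FileInputStream fileInputStream = null;
        try {
            KeyStore readBack = KeyStore.getInstance("PKCS12");
            fileInputStream = this.context.openFileInput(str);
            readBack.load(fileInputStream, cArr);
        } catch (Exception e) {
            LOGGER.error("Failed to validate store {}", str, e);
            throw e;
        } finally {
            IOUtils.closeQuietly((InputStream) fileInputStream);
        }

        // NOTE(review): a failure from here on leaves the key file on disk without a persisted
        // index entry; decide whether it should be deleted again.
        try {
            getCertStore().setCertificateEntry(str, (X509Certificate) certificateArr[0]);
        } catch (KeyStoreException e) {
            LOGGER.error("Failed to add cert as '" + str + "' to store", e);
            throw e;
        }
        try {
            LOGGER.info("Save cert store");
            saveCertStore();
        } catch (Exception e) {
            LOGGER.error("Failed to save cert store", e);
            throw e;
        }
        return keyStore;
    }

    /**
     * Removes {@code str} from the certificate index (persisting the index) and deletes the file
     * of that name from the application's private file area.
     *
     * <p>The index is updated before the file is deleted, so when the deletion fails the file
     * remains on disk although the index no longer lists it.
     *
     * @param str name of the key store to delete
     * @throws KeyStoreException if the file could not be deleted
     * @throws Exception         if the certificate index cannot be loaded or saved
     */
    public void deleteKeyStore(String str) throws KeyStoreException, Exception {
        // NOTE(review): the file is deleted whether or not the name is indexed, so passing
        // "dummy.store", "cert.store" or "trust.store" removes an internal store. Left as is
        // because a caller may depend on it for a reset - confirm, then reject those names.
        if (getCertStore().containsAlias(str)) {
            getCertStore().deleteEntry(str);
            saveCertStore();
        }
        if (this.context.deleteFile(str)) {
            return;
        }
        LOGGER.error("file not deleted: {}", str);
        throw new KeyStoreException("file not deleted: " + str);
    }

    /**
     * Returns the certificate index, loading {@code cert.store} on first use.
     *
     * @throws Exception if the store cannot be loaded
     */
    public KeyStore getCertStore() throws Exception {
        if (this.certStore == null) {
            this.certStore = loadStore(CERT_STORE_NAME, CERT_STORE_PWD);
        }
        return this.certStore;
    }

    /**
     * Lists the index aliases whose certificate is classified as {@code certificateType}.
     *
     * @param certificateType type to match
     * @return matching aliases, in the enumeration order of the certificate index
     * @throws Exception if the certificate index cannot be loaded or read
     */
    public List<String> getKeyAliasesByType(CertificateType certificateType) throws Exception {
        List<String> matches = new LinkedList<String>();
        KeyStore index = getCertStore();
        Enumeration<String> aliases = index.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            X509Certificate cert = (X509Certificate) index.getCertificate(alias);
            if (CertificateType.getCertificateType(cert).equals(certificateType)) {
                matches.add(alias);
            }
        }
        return matches;
    }

    /**
     * Opens the per-key PKCS#12 store registered under {@code str} using the current master
     * password.
     *
     * @param str name of the key store
     * @return the loaded key store
     * @throws KeyStoreException if the name is not in the certificate index
     * @throws Exception         if the store cannot be loaded
     */
    public KeyStore getKeyStore(String str) throws Exception {
        if (getCertStore().containsAlias(str)) {
            return loadStore(str, this.masterPassword);
        }
        LOGGER.error("name does not exist: {}", str);
        throw new KeyStoreException("name does not exist: " + str);
    }

    /**
     * Returns the derived master password.
     *
     * <p>This is the internal array itself, not a copy: {@link #clearMasterPassword()} overwrites
     * the very array returned here, and a caller modifying it changes the password this manager
     * uses.
     *
     * @return the hex-encoded digest, or null if no master password is set
     */
    public char[] getMasterPassword() {
        return this.masterPassword;
    }

    /**
     * Returns the trust store, initialising it on first use.
     *
     * <p>On API level 14 and above this is the platform {@code AndroidCAStore}. The bundled donor
     * certificates are only compared against it by fingerprint and the result is logged; they are
     * not added to the returned store. On older platforms {@code trust.store} is loaded, or built
     * by {@link #initTrustStore()} when the file does not exist yet.
     *
     * @throws Exception if a store cannot be loaded
     */
    public KeyStore getTrustStore() throws Exception {
        if (this.trustStore == null) {
            if (!useCustomStores()) {
                HashSet<String> donorFingerprints = fingerprintsOf(getMscDonorKeystore());
                KeyStore systemStore = KeyStore.getInstance("AndroidCAStore");
                systemStore.load(null, null);
                HashSet<String> systemFingerprints = fingerprintsOf(systemStore);
                for (String fingerprint : donorFingerprints) {
                    LOGGER.info("Search for donor cert '{}', Found:{}", fingerprint, Boolean.valueOf(systemFingerprints.contains(fingerprint)));
                }
                this.trustStore = systemStore;
            } else if (checkFile(TRUST_STORE_NAME)) {
                this.trustStore = loadStore(TRUST_STORE_NAME, TRUST_STORE_PWD);
            } else {
                initTrustStore();
            }
        }
        return this.trustStore;
    }

    /** Tells whether a derived master password is currently held in memory. */
    public boolean hasMasterPassword() {
        return this.masterPassword != null;
    }

    /** Tells whether a master password has been established, i.e. {@code dummy.store} exists. */
    public boolean isMasterPasswordExists() {
        return checkFile(DUMMY_STORE_NAME);
    }

    /** Sets the context used for every file and resource access of this manager. */
    public void setApplicationContext(Context context) {
        this.context = context;
    }

    /**
     * Derives the master password from the user's password and verifies it against
     * {@code dummy.store}, creating that store when it does not exist yet.
     *
     * <p>SECURITY: the derived value is the hex encoding of one unsalted SHA-1 digest of the
     * password's chars (two bytes each, high byte first). That adds no work factor of its own;
     * resistance to offline guessing comes only from the PKCS#12 store's own password-based
     * protection. Switching to a salted, iterated KDF would require re-protecting every existing
     * store, so the derivation is left unchanged here.
     *
     * @param cArr the password as typed by the user; not modified
     * @return true if the password was accepted, false if verification or storing failed, in
     *         which case no master password is held afterwards
     */
    public boolean setMasterPassword(char[] cArr) {
        if (cArr == null || cArr.length == 0) {
            // NOTE(review): reports success without setting or verifying anything; callers must
            // not treat a true result alone as proof that a password was checked.
            return true;
        }
        LOGGER.debug("readableMasterPassword is {}", "********");
        byte[] passwordBytes = charsToBytes(cArr);
        byte[] digest = null;
        try {
            digest = MessageDigest.getInstance("SHA-1").digest(passwordBytes);
            this.masterPassword = Hex.encodeHex(digest);
            LOGGER.debug("setting master password: {}", "********");
        } catch (NoSuchAlgorithmException e) {
            LOGGER.error("Failed to create master password", e);
            // Fail closed. The original carried on with whatever master password was set before,
            // so the check below could succeed without the supplied password ever being used.
            wipeMasterPassword();
            return false;
        } finally {
            // Do not leave copies of the password or its digest behind in temporary arrays.
            Arrays.fill(passwordBytes, (byte) 0);
            if (digest != null) {
                Arrays.fill(digest, (byte) 0);
            }
        }
        if (!checkFile(DUMMY_STORE_NAME)) {
            LOGGER.info("Dummy store does not exists");
        }
        final KeyStore dummyStore;
        try {
            // Loading an existing dummy.store fails when the derived password does not match.
            dummyStore = loadStore(DUMMY_STORE_NAME, this.masterPassword);
        } catch (Exception e) {
            LOGGER.error("Password check failed!");
            wipeMasterPassword();
            return false;
        }
        if (!checkFile(DUMMY_STORE_NAME)) {
            try {
                saveStore(DUMMY_STORE_NAME, dummyStore, this.masterPassword);
            } catch (Exception e) {
                wipeMasterPassword();
                LOGGER.error("Failed to store master password");
                return false;
            }
        }
        return true;
    }
}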
