package de.backessrt.appguard.app.pro.utils;

import android.content.Context;
import android.content.pm.Signature;
import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.spongycastle.a.bd;
import org.spongycastle.a.bi;
import org.spongycastle.a.s;
import org.spongycastle.a.s.ai;
import org.spongycastle.a.s.ak;
import org.spongycastle.a.s.ar;
import org.spongycastle.a.s.t;

/* compiled from: CertificateManager.java */
/* loaded from: classes.dex */
public final class e {

    /* renamed from: a, reason: collision with root package name */
    public static final org.spongycastle.a.r.c f699a;
    public static final org.spongycastle.a.r.c b;
    private static final char[] d = new char[0];
    private static e e;
    public final KeyStore c;
    private final File f;

    /* compiled from: CertificateManager.java */
    /* loaded from: classes.dex */
    public static class a extends RuntimeException {
        public a(Throwable th) {
            super(th);
        }
    }

    /* compiled from: CertificateManager.java */
    /* loaded from: classes.dex */
    public class b extends Exception {
        public b(Throwable th) {
            super(th);
        }
    }

    /* compiled from: CertificateManager.java */
    /* loaded from: classes.dex */
    public static class c {

        /* renamed from: a, reason: collision with root package name */
        public PrivateKey f701a;
        public X509Certificate b;

        public c(PrivateKey privateKey, X509Certificate x509Certificate) {
            this.f701a = privateKey;
            this.b = x509Certificate;
        }
    }

    static {
        org.spongycastle.a.r.d dVar = new org.spongycastle.a.r.d(org.spongycastle.a.r.a.b.J);
        dVar.a(org.spongycastle.a.r.a.b.e, "SRT AppGuard 2.0");
        dVar.a(org.spongycastle.a.r.a.b.b, "Backes SRT GmbH");
        dVar.a(org.spongycastle.a.r.a.b.f848a, "DE");
        f699a = dVar.a();
        org.spongycastle.a.r.d dVar2 = new org.spongycastle.a.r.d(org.spongycastle.a.r.a.b.J);
        dVar2.a(org.spongycastle.a.r.a.b.e, "SRT AppGuard");
        dVar2.a(org.spongycastle.a.r.a.b.b, "Backes SRT GmbH");
        dVar2.a(org.spongycastle.a.r.a.b.f848a, "DE");
        b = dVar2.a();
        e = null;
    }

    private e(Context context) {
        try {
            this.c = KeyStore.getInstance("BKS", "SC");
            this.f = new File(context.getFilesDir(), "keystore.bks");
            a();
        } catch (IOException e2) {
            e = e2;
            throw new a(e);
        } catch (KeyStoreException e3) {
            e = e3;
            throw new a(e);
        } catch (NoSuchAlgorithmException e4) {
            throw new RuntimeException("Required security algorithm not found!", e4);
        } catch (NoSuchProviderException e5) {
            throw new RuntimeException("SpongyCastle security provider not found!", e5);
        } catch (CertificateException e6) {
            e = e6;
            throw new a(e);
        }
    }

    public static synchronized e a(Context context) {
        e eVar;
        synchronized (e.class) {
            if (e == null) {
                e = new e(context);
            }
            eVar = e;
        }
        return eVar;
    }

    private synchronized void a() {
        if (this.f.exists()) {
            FileInputStream fileInputStream = new FileInputStream(this.f);
            try {
                try {
                    this.c.load(fileInputStream, d);
                } catch (IOException e2) {
                    if ("Wrong version of key store.".equals(e2.getMessage())) {
                        Log.e("CertificateManager", "Corrupted key store. Using empty/new key store.");
                    }
                    throw new b(e2);
                }
            } finally {
                fileInputStream.close();
            }
        } else {
            this.c.load(null, d);
        }
    }

    private synchronized void b() {
        FileOutputStream fileOutputStream = new FileOutputStream(this.f);
        try {
            this.c.store(fileOutputStream, d);
        } finally {
            fileOutputStream.close();
        }
    }

    public final c a(Signature signature) {
        String str;
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(signature.toByteArray()));
            String certificateAlias = this.c.getCertificateAlias(x509Certificate);
            if (certificateAlias == null) {
                StringBuilder append = new StringBuilder().append(new String(x509Certificate.getPublicKey().getEncoded())).append("#");
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
                messageDigest.update(x509Certificate.getSignature());
                str = append.append(new String(messageDigest.digest())).toString();
            } else {
                str = certificateAlias;
            }
            if (this.c.isKeyEntry(str)) {
                Log.d("CertificateManager", "Certificate for signature " + signature + " exists.");
                return new c((PrivateKey) this.c.getKey(str, str.toCharArray()), (X509Certificate) this.c.getCertificate(str));
            }
            Log.d("CertificateManager", "Certificate for signature " + signature + " does not exist: Generating new certificate.");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey = generateKeyPair.getPublic();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            org.spongycastle.b.d dVar = new org.spongycastle.b.d(f699a, BigInteger.valueOf(new SecureRandom().nextInt()), new Date(System.currentTimeMillis() - 2592000000L), new Date(System.currentTimeMillis() + 315360000000L), f699a, new ai((s) s.b(publicKey.getEncoded())));
            org.spongycastle.f.a a2 = new org.spongycastle.f.a.a("SHA1withRSA").a(privateKey);
            dVar.f922a.c = a2.a();
            if (!dVar.b.b.isEmpty()) {
                ar arVar = dVar.f922a;
                t a3 = dVar.b.a();
                arVar.i = a3;
                org.spongycastle.a.s.s a4 = a3.a(org.spongycastle.a.s.s.e);
                if (a4 != null && a4.G) {
                    arVar.j = true;
                }
            }
            ar arVar2 = dVar.f922a;
            if (arVar2.b == null || arVar2.c == null || arVar2.d == null || arVar2.e == null || arVar2.f == null || ((arVar2.g == null && !arVar2.j) || arVar2.h == null)) {
                throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
            }
            org.spongycastle.a.e eVar = new org.spongycastle.a.e();
            eVar.a(arVar2.f874a);
            eVar.a(arVar2.b);
            eVar.a(arVar2.c);
            eVar.a(arVar2.d);
            org.spongycastle.a.e eVar2 = new org.spongycastle.a.e();
            eVar2.a(arVar2.e);
            eVar2.a(arVar2.f);
            eVar.a(new bd(eVar2));
            if (arVar2.g != null) {
                eVar.a(arVar2.g);
            } else {
                eVar.a(new bd());
            }
            eVar.a(arVar2.h);
            if (arVar2.k != null) {
                eVar.a(new bi(false, 1, arVar2.k));
            }
            if (arVar2.l != null) {
                eVar.a(new bi(false, 2, arVar2.l));
            }
            if (arVar2.i != null) {
                eVar.a(new bi(true, 3, arVar2.i));
            }
            X509Certificate a5 = new org.spongycastle.b.a.d().a(org.spongycastle.b.b.a(a2, ak.a(new bd(eVar))));
            a(str, privateKey, a5);
            return new c(privateKey, a5);
        } catch (IOException e2) {
            e = e2;
            throw new a(e);
        } catch (KeyStoreException e3) {
            e = e3;
            throw new a(e);
        } catch (NoSuchAlgorithmException e4) {
            throw new RuntimeException("Required security algorithm not found!", e4);
        } catch (UnrecoverableKeyException e5) {
            e = e5;
            throw new a(e);
        } catch (CertificateException e6) {
            e = e6;
            throw new a(e);
        } catch (org.spongycastle.f.g e7) {
            e = e7;
            throw new a(e);
        }
    }

    public final void a(String str, PrivateKey privateKey, Certificate certificate) {
        this.c.setKeyEntry(str, privateKey, str.toCharArray(), new Certificate[]{certificate});
        b();
    }
}
