package com.worklight.common.security;

import android.content.Context;
import com.kohls.mcommerce.opal.wallet.util.Constants;
import com.worklight.common.Logger;
import com.worklight.utils.Base64;
import java.io.ByteArrayInputStream;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import org.json.JSONObject;

/* loaded from: classes.dex */
public abstract class WLCertManager {
    protected static final String ALG = "alg";
    private static final String APPLICATION = "application";
    protected static final String EXP = "exp";
    protected static final String JPK = "jpk";
    private static String KEYSTORE_FILENAME = null;
    protected static final String MOD = "mod";
    protected static final String RSA = "RSA";
    protected static final String X5C = "x5c";
    private static char[] keyStorePassword;
    private static Logger logger = Logger.getInstance("wl.certManager");
    protected Context context;
    protected HashMap<String, KeyPair> keyPairHash = new HashMap<>();

    /* JADX INFO: Access modifiers changed from: protected */
    public WLCertManager(String str, char[] cArr) {
        KEYSTORE_FILENAME = str;
        keyStorePassword = cArr;
    }

    private byte[] signCsrData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return signature.sign();
    }

    /* JADX WARN: Removed duplicated region for block: B:21:0x009e A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:29:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:30:0x0099 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:40:0x0149 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:45:0x0144 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void clearKeystore(java.lang.String r13) throws java.security.KeyStoreException {
        /*
            Method dump skipped, instructions count: 425
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.clearKeystore(java.lang.String):void");
    }

    public KeyPair generateKeyPair(String str, int i) throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA);
        keyPairGenerator.initialize(i);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        this.keyPairHash.put(getAlias(str), genKeyPair);
        return genKeyPair;
    }

    protected abstract String getAlias(String str);

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Removed duplicated region for block: B:11:0x00bd  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.security.KeyStore.PrivateKeyEntry getPrivateKeyEntry(java.lang.String r26) throws java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, android.content.pm.PackageManager.NameNotFoundException, java.security.UnrecoverableEntryException {
        /*
            Method dump skipped, instructions count: 539
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.getPrivateKeyEntry(java.lang.String):java.security.KeyStore$PrivateKeyEntry");
    }

    public void init(Context context) {
        this.context = context;
    }

    public boolean isCertificateExists(String str) {
        if (this.context != null) {
            try {
                r2 = getPrivateKeyEntry(str) != null;
            } catch (Exception e) {
                logger.error("Failed to determine the existence of certificate for device authentication with " + e.getMessage(), e);
            }
        }
        return r2;
    }

    /* JADX WARN: Removed duplicated region for block: B:18:0x016c A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:26:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:27:0x0167 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:37:0x0195 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:42:0x0190 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void removeEntityKeyStoreValues(java.lang.String r20) throws java.security.KeyStoreException {
        /*
            Method dump skipped, instructions count: 580
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.removeEntityKeyStoreValues(java.lang.String):void");
    }

    public void saveCertificate(String str, String str2, String str3) throws Exception {
        if (str2 == null) {
            throw new Exception("cannot save null certificate");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str2.getBytes()));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        saveCertificate(str, x509Certificate, str3);
    }

    /* JADX WARN: Removed duplicated region for block: B:30:0x00c2  */
    /* JADX WARN: Removed duplicated region for block: B:32:0x00c7  */
    /* JADX WARN: Removed duplicated region for block: B:34:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:38:0x00ce  */
    /* JADX WARN: Removed duplicated region for block: B:40:0x00d3  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void saveCertificate(java.lang.String r15, java.security.cert.Certificate r16, java.lang.String r17) throws java.lang.Exception {
        /*
            r14 = this;
            boolean r10 = r14.isCertificateExists(r15)
            if (r10 == 0) goto Lf
            java.lang.Exception r10 = new java.lang.Exception
            java.lang.String r11 = "Error - Got a new Certificate, but an older one already exists, exiting process"
            r10.<init>(r11)
            throw r10
        Lf:
            java.lang.String r10 = java.security.KeyStore.getDefaultType()
            java.security.KeyStore r7 = java.security.KeyStore.getInstance(r10)
            java.io.File r8 = new java.io.File
            java.lang.StringBuilder r10 = new java.lang.StringBuilder
            r10.<init>()
            android.content.Context r11 = r14.context
            java.io.File r11 = r11.getFilesDir()
            java.lang.String r11 = r11.getAbsolutePath()
            java.lang.StringBuilder r10 = r10.append(r11)
            java.lang.String r11 = "/"
            java.lang.StringBuilder r10 = r10.append(r11)
            java.lang.String r11 = com.worklight.common.security.WLCertManager.KEYSTORE_FILENAME
            java.lang.StringBuilder r10 = r10.append(r11)
            java.lang.String r10 = r10.toString()
            r8.<init>(r10)
            r3 = 0
            r5 = 0
            boolean r10 = r8.exists()     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            if (r10 == 0) goto L9b
            java.io.FileInputStream r4 = new java.io.FileInputStream     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            r4.<init>(r8)     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            char[] r10 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Throwable -> Ld7 java.lang.Exception -> Ldd
            r7.load(r4, r10)     // Catch: java.lang.Throwable -> Ld7 java.lang.Exception -> Ldd
            r4.close()     // Catch: java.lang.Throwable -> Ld7 java.lang.Exception -> Ldd
            r3 = r4
        L56:
            java.lang.String r1 = r14.getAlias(r15)     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            java.util.HashMap<java.lang.String, java.security.KeyPair> r10 = r14.keyPairHash     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            java.lang.String r11 = r14.getAlias(r15)     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            java.lang.Object r9 = r10.get(r11)     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            java.security.KeyPair r9 = (java.security.KeyPair) r9     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            java.security.PrivateKey r10 = r9.getPrivate()     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            char[] r11 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            r12 = 1
            java.security.cert.Certificate[] r12 = new java.security.cert.Certificate[r12]     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            r13 = 0
            r12[r13] = r16     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            r7.setKeyEntry(r1, r10, r11, r12)     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            java.io.FileOutputStream r6 = new java.io.FileOutputStream     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            r6.<init>(r8)     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            char[] r10 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Throwable -> Lda java.lang.Exception -> Le0
            r7.store(r6, r10)     // Catch: java.lang.Throwable -> Lda java.lang.Exception -> Le0
            java.util.HashMap<java.lang.String, java.security.KeyPair> r10 = r14.keyPairHash     // Catch: java.lang.Throwable -> Lda java.lang.Exception -> Le0
            r0 = r17
            r10.remove(r0)     // Catch: java.lang.Throwable -> Lda java.lang.Exception -> Le0
            r9 = 0
            com.worklight.common.Logger r10 = com.worklight.common.security.WLCertManager.logger     // Catch: java.lang.Throwable -> Lda java.lang.Exception -> Le0
            java.lang.String r11 = "Certificate saved."
            r10.debug(r11)     // Catch: java.lang.Throwable -> Lda java.lang.Exception -> Le0
            if (r6 == 0) goto L94
            r6.close()
        L94:
            if (r3 == 0) goto Le3
            r3.close()
            r5 = r6
        L9a:
            return
        L9b:
            r10 = 0
            char[] r11 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            r7.load(r10, r11)     // Catch: java.lang.Exception -> La2 java.lang.Throwable -> Lcb
            goto L56
        La2:
            r2 = move-exception
        La3:
            com.worklight.common.Logger r10 = com.worklight.common.security.WLCertManager.logger     // Catch: java.lang.Throwable -> Lcb
            java.lang.StringBuilder r11 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> Lcb
            r11.<init>()     // Catch: java.lang.Throwable -> Lcb
            java.lang.String r12 = "Certificate for device authentication could not be saved with "
            java.lang.StringBuilder r11 = r11.append(r12)     // Catch: java.lang.Throwable -> Lcb
            java.lang.String r12 = r2.getMessage()     // Catch: java.lang.Throwable -> Lcb
            java.lang.StringBuilder r11 = r11.append(r12)     // Catch: java.lang.Throwable -> Lcb
            java.lang.String r11 = r11.toString()     // Catch: java.lang.Throwable -> Lcb
            r10.error(r11, r2)     // Catch: java.lang.Throwable -> Lcb
            if (r5 == 0) goto Lc5
            r5.close()
        Lc5:
            if (r3 == 0) goto L9a
            r3.close()
            goto L9a
        Lcb:
            r10 = move-exception
        Lcc:
            if (r5 == 0) goto Ld1
            r5.close()
        Ld1:
            if (r3 == 0) goto Ld6
            r3.close()
        Ld6:
            throw r10
        Ld7:
            r10 = move-exception
            r3 = r4
            goto Lcc
        Lda:
            r10 = move-exception
            r5 = r6
            goto Lcc
        Ldd:
            r2 = move-exception
            r3 = r4
            goto La3
        Le0:
            r2 = move-exception
            r5 = r6
            goto La3
        Le3:
            r5 = r6
            goto L9a
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.saveCertificate(java.lang.String, java.security.cert.Certificate, java.lang.String):void");
    }

    public String signCsr(JSONObject jSONObject, String str) throws Exception {
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put(ALG, "RS256");
        JSONObject jSONObject3 = new JSONObject();
        KeyPair keyPair = this.keyPairHash.get(getAlias(str));
        RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair.getPublic();
        jSONObject3.put(ALG, RSA);
        jSONObject3.put(MOD, Base64.encodeUrlSafe(rSAPublicKey.getModulus().toByteArray(), "UTF-8"));
        jSONObject3.put(EXP, Base64.encodeUrlSafe(rSAPublicKey.getPublicExponent().toByteArray(), "UTF-8"));
        jSONObject2.put(JPK, jSONObject3);
        String str2 = Base64.encodeUrlSafe(jSONObject2.toString().getBytes(), "UTF-8") + Constants.FULL_STOP + Base64.encodeUrlSafe(jSONObject.toString().getBytes(), "UTF-8");
        return str2 + Constants.FULL_STOP + Base64.encodeUrlSafe(signCsrData(str2, keyPair.getPrivate()), "UTF-8");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] signData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return signature.sign();
    }
}
