package com.worklight.common.security;

import android.app.Activity;
import android.content.Context;
import android.webkit.WebView;
import com.worklight.common.WLUtils;
import com.worklight.utils.Base64;
import java.io.ByteArrayInputStream;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public abstract class WLCertManager {
    protected static final String ALG = "alg";
    private static final String APPLICATION = "application";
    protected static final String EXP = "exp";
    protected static final String JPK = "jpk";
    private static String KEYSTORE_FILENAME = null;
    protected static final String MOD = "mod";
    protected static final String RSA = "RSA";
    protected static final String X5C = "x5c";
    private static char[] keyStorePassword;
    protected Context context;
    protected HashMap<String, KeyPair> keyPairHash = new HashMap<>();
    protected WebView webView;

    /* JADX INFO: Access modifiers changed from: protected */
    public WLCertManager(String str, char[] cArr) {
        KEYSTORE_FILENAME = str;
        keyStorePassword = cArr;
    }

    private byte[] signCsrData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return signature.sign();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:20:0x0105 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:29:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:30:0x00df A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.security.KeyStore] */
    /* JADX WARN: Type inference failed for: r2v0, types: [java.lang.StringBuilder] */
    /* JADX WARN: Type inference failed for: r3v11 */
    /* JADX WARN: Type inference failed for: r3v12 */
    /* JADX WARN: Type inference failed for: r3v13, types: [java.io.FileInputStream] */
    /* JADX WARN: Type inference failed for: r3v14, types: [java.io.FileInputStream, java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r3v15 */
    /* JADX WARN: Type inference failed for: r3v4, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r3v5 */
    /* JADX WARN: Type inference failed for: r3v6 */
    /* JADX WARN: Type inference failed for: r3v7, types: [java.io.FileInputStream] */
    /* JADX WARN: Type inference failed for: r3v8, types: [java.io.FileInputStream] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void clearKeystore(java.lang.String r6) throws java.security.KeyStoreException {
        /*
            Method dump skipped, instructions count: 351
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.clearKeystore(java.lang.String):void");
    }

    public KeyPair generateKeyPair(String str, int i) throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA);
        keyPairGenerator.initialize(i);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        this.keyPairHash.put(getAlias(str), genKeyPair);
        return genKeyPair;
    }

    protected abstract String getAlias(String str);

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Code restructure failed: missing block: B:74:0x0065, code lost:
    
        if (r3 != null) goto L25;
     */
    /* JADX WARN: Code restructure failed: missing block: B:75:0x0089, code lost:
    
        r3.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:79:0x0087, code lost:
    
        if (r3 == null) goto L34;
     */
    /* JADX WARN: Removed duplicated region for block: B:30:0x0177  */
    /* JADX WARN: Removed duplicated region for block: B:32:0x017c  */
    /* JADX WARN: Removed duplicated region for block: B:83:0x0090  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.security.KeyStore.PrivateKeyEntry getPrivateKeyEntry(java.lang.String r15) throws java.io.IOException, java.security.KeyStoreException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, android.content.pm.PackageManager.NameNotFoundException, java.security.UnrecoverableEntryException {
        /*
            Method dump skipped, instructions count: 389
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.getPrivateKeyEntry(java.lang.String):java.security.KeyStore$PrivateKeyEntry");
    }

    public void init(Activity activity, WebView webView) {
        this.webView = webView;
        this.context = activity;
    }

    public boolean isCertificateExists(String str) {
        if (this.context == null) {
            return false;
        }
        try {
            return getPrivateKeyEntry(str) != null;
        } catch (Exception e) {
            WLUtils.error("Failed to determine the existence of certificate for device authentication with " + e.getMessage(), e);
            return false;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:101:0x015f, code lost:
    
        if (r8 != null) goto L42;
     */
    /* JADX WARN: Code restructure failed: missing block: B:50:0x0125, code lost:
    
        if (r8 != null) goto L42;
     */
    /* JADX WARN: Code restructure failed: missing block: B:51:0x0127, code lost:
    
        r8.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x0162, code lost:
    
        r13 = r8;
        r8 = r5;
        r5 = r13;
     */
    /* JADX WARN: Removed duplicated region for block: B:63:0x0207 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:71:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:72:0x01e1 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:82:0x0256 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:89:? A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:90:0x0230 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void removeEntityKeyStoreValues(java.lang.String r15) throws java.security.KeyStoreException {
        /*
            Method dump skipped, instructions count: 635
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.removeEntityKeyStoreValues(java.lang.String):void");
    }

    public void saveCertificate(String str, String str2, String str3) throws Exception {
        if (str2 == null) {
            throw new Exception("cannot save null certificate");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str2.getBytes()));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        saveCertificate(str, x509Certificate, str3);
    }

    /* JADX WARN: Removed duplicated region for block: B:28:0x00ba  */
    /* JADX WARN: Removed duplicated region for block: B:30:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:35:0x00c6  */
    /* JADX WARN: Removed duplicated region for block: B:37:0x00cb  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void saveCertificate(java.lang.String r9, java.security.cert.Certificate r10, java.lang.String r11) throws java.lang.Exception {
        /*
            r8 = this;
            boolean r0 = r8.isCertificateExists(r9)
            if (r0 == 0) goto Le
            java.lang.Exception r9 = new java.lang.Exception
            java.lang.String r10 = "Error - Got a new Certificate, but an older one already exists, exiting process"
            r9.<init>(r10)
            throw r9
        Le:
            java.lang.String r0 = java.security.KeyStore.getDefaultType()
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)
            java.io.File r1 = new java.io.File
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r2.<init>()
            android.content.Context r3 = r8.context
            java.io.File r3 = r3.getFilesDir()
            java.lang.String r3 = r3.getAbsolutePath()
            r2.append(r3)
            java.lang.String r3 = "/"
            r2.append(r3)
            java.lang.String r3 = com.worklight.common.security.WLCertManager.KEYSTORE_FILENAME
            r2.append(r3)
            java.lang.String r2 = r2.toString()
            r1.<init>(r2)
            r2 = 0
            boolean r3 = r1.exists()     // Catch: java.lang.Throwable -> L9b java.lang.Exception -> L9e
            if (r3 == 0) goto L52
            java.io.FileInputStream r3 = new java.io.FileInputStream     // Catch: java.lang.Throwable -> L9b java.lang.Exception -> L9e
            r3.<init>(r1)     // Catch: java.lang.Throwable -> L9b java.lang.Exception -> L9e
            char[] r4 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            r0.load(r3, r4)     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            r3.close()     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            goto L58
        L50:
            r9 = move-exception
            goto La0
        L52:
            char[] r3 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Throwable -> L9b java.lang.Exception -> L9e
            r0.load(r2, r3)     // Catch: java.lang.Throwable -> L9b java.lang.Exception -> L9e
            r3 = r2
        L58:
            java.lang.String r4 = r8.getAlias(r9)     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            java.util.HashMap<java.lang.String, java.security.KeyPair> r5 = r8.keyPairHash     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            java.lang.String r9 = r8.getAlias(r9)     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            java.lang.Object r9 = r5.get(r9)     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            java.security.KeyPair r9 = (java.security.KeyPair) r9     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            java.security.PrivateKey r9 = r9.getPrivate()     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            char[] r5 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            r6 = 1
            java.security.cert.Certificate[] r6 = new java.security.cert.Certificate[r6]     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            r7 = 0
            r6[r7] = r10     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            r0.setKeyEntry(r4, r9, r5, r6)     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            java.io.FileOutputStream r9 = new java.io.FileOutputStream     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            r9.<init>(r1)     // Catch: java.lang.Exception -> L50 java.lang.Throwable -> Lc3
            char[] r10 = com.worklight.common.security.WLCertManager.keyStorePassword     // Catch: java.lang.Throwable -> L93 java.lang.Exception -> L97
            r0.store(r9, r10)     // Catch: java.lang.Throwable -> L93 java.lang.Exception -> L97
            java.util.HashMap<java.lang.String, java.security.KeyPair> r10 = r8.keyPairHash     // Catch: java.lang.Throwable -> L93 java.lang.Exception -> L97
            r10.remove(r11)     // Catch: java.lang.Throwable -> L93 java.lang.Exception -> L97
            java.lang.String r10 = "Certificate saved."
            com.worklight.common.WLUtils.debug(r10)     // Catch: java.lang.Throwable -> L93 java.lang.Exception -> L97
            if (r9 == 0) goto L90
            r9.close()
        L90:
            if (r3 == 0) goto Lc2
            goto Lbf
        L93:
            r10 = move-exception
            r2 = r9
            r9 = r10
            goto Lc4
        L97:
            r10 = move-exception
            r2 = r9
            r9 = r10
            goto La0
        L9b:
            r9 = move-exception
            r3 = r2
            goto Lc4
        L9e:
            r9 = move-exception
            r3 = r2
        La0:
            java.lang.StringBuilder r10 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> Lc3
            r10.<init>()     // Catch: java.lang.Throwable -> Lc3
            java.lang.String r11 = "Certificate for device authentication could not be saved with "
            r10.append(r11)     // Catch: java.lang.Throwable -> Lc3
            java.lang.String r11 = r9.getMessage()     // Catch: java.lang.Throwable -> Lc3
            r10.append(r11)     // Catch: java.lang.Throwable -> Lc3
            java.lang.String r10 = r10.toString()     // Catch: java.lang.Throwable -> Lc3
            com.worklight.common.WLUtils.error(r10, r9)     // Catch: java.lang.Throwable -> Lc3
            if (r2 == 0) goto Lbd
            r2.close()
        Lbd:
            if (r3 == 0) goto Lc2
        Lbf:
            r3.close()
        Lc2:
            return
        Lc3:
            r9 = move-exception
        Lc4:
            if (r2 == 0) goto Lc9
            r2.close()
        Lc9:
            if (r3 == 0) goto Lce
            r3.close()
        Lce:
            throw r9
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLCertManager.saveCertificate(java.lang.String, java.security.cert.Certificate, java.lang.String):void");
    }

    public String signCsr(JSONObject jSONObject, String str) throws Exception {
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put(ALG, "RS256");
        JSONObject jSONObject3 = new JSONObject();
        KeyPair keyPair = this.keyPairHash.get(getAlias(str));
        RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair.getPublic();
        jSONObject3.put(ALG, RSA);
        jSONObject3.put(MOD, Base64.encodeUrlSafe(rSAPublicKey.getModulus().toByteArray(), "UTF-8"));
        jSONObject3.put(EXP, Base64.encodeUrlSafe(rSAPublicKey.getPublicExponent().toByteArray(), "UTF-8"));
        jSONObject2.put(JPK, jSONObject3);
        String str2 = Base64.encodeUrlSafe(jSONObject2.toString().getBytes(), "UTF-8") + "." + Base64.encodeUrlSafe(jSONObject.toString().getBytes(), "UTF-8");
        return str2 + "." + Base64.encodeUrlSafe(signCsrData(str2, keyPair.getPrivate()), "UTF-8");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] signData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return signature.sign();
    }
}
