package oracle.idm.mobile.authenticator.configuration;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.preference.PreferenceManager;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Log;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import java.util.EnumSet;
import java.util.HashSet;
import javax.security.auth.x500.X500Principal;
import oracle.idm.mobile.OMErrorCode;
import oracle.idm.mobile.OMMobileSecurityException;
import oracle.idm.mobile.auth.local.OMAuthenticationManagerException;
import oracle.idm.mobile.authenticator.OMAApplication;
import oracle.idm.mobile.authenticator.account.MFAAccount;
import oracle.idm.mobile.authenticator.password.DefaultPasswordCharacterSet;
import oracle.idm.mobile.crypto.CryptoException;
import oracle.idm.mobile.crypto.OMKeyManagerException;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v1CertificateBuilder;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public class d {
    private static String c = "d";
    private static d d;

    /* renamed from: a, reason: collision with root package name */
    private KeyStore f2573a;

    /* renamed from: b, reason: collision with root package name */
    private KeyStore f2574b;

    private d() {
        h();
    }

    private X509Certificate b(KeyPair keyPair, String str, String str2) {
        ContentSigner contentSigner;
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        calendar.add(1, 25);
        Date time2 = calendar.getTime();
        X500Principal x500Principal = new X500Principal("CN=" + str2);
        try {
            contentSigner = new JcaContentSignerBuilder(str).build(keyPair.getPrivate());
        } catch (OperatorCreationException e) {
            Log.e(c, "generateCertificate OperatorCreationException : ", e);
            contentSigner = null;
        }
        JcaX509v1CertificateBuilder jcaX509v1CertificateBuilder = new JcaX509v1CertificateBuilder(x500Principal, BigInteger.valueOf(c()), time, time2, x500Principal, keyPair.getPublic());
        if (contentSigner == null) {
            return null;
        }
        try {
            return new JcaX509CertificateConverter().getCertificate(jcaX509v1CertificateBuilder.build(contentSigner));
        } catch (CertificateException e2) {
            Log.e(c, "generateCertificate CertificateException : ", e2);
            return null;
        }
    }

    private long c() {
        SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(OMAApplication.f().getApplicationContext());
        long j = defaultSharedPreferences.getLong("certificateSerialNumber", 1L) + 1;
        defaultSharedPreferences.edit().putLong("certificateSerialNumber", j).apply();
        return j;
    }

    private char[] e() {
        return new oracle.idm.mobile.authenticator.password.a(new HashSet(EnumSet.allOf(DefaultPasswordCharacterSet.class)), 14, 15).b();
    }

    public static d f() {
        if (d == null) {
            d = new d();
        }
        return d;
    }

    private char[] g() {
        Context applicationContext = OMAApplication.f().getApplicationContext();
        SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(applicationContext);
        oracle.idm.mobile.authenticator.util.a aVar = new oracle.idm.mobile.authenticator.util.a(applicationContext);
        String string = defaultSharedPreferences.getString("kP", "");
        if (TextUtils.isEmpty(string)) {
            string = aVar.e(String.valueOf(e()));
            defaultSharedPreferences.edit().putString("kP", string).apply();
        }
        String c2 = aVar.c(string);
        if (TextUtils.isEmpty(c2)) {
            throw new OMKeyManagerException(OMErrorCode.INTERNAL_ERROR, "Encrypted KeyStore password cannot be decrypted");
        }
        return c2.toCharArray();
    }

    /* JADX WARN: Removed duplicated region for block: B:26:0x00c6 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:32:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:42:0x00d8 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void h() {
        /*
            Method dump skipped, instructions count: 281
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: oracle.idm.mobile.authenticator.configuration.d.h():void");
    }

    private KeyPair k(KeyStore keyStore, String str) {
        Log.v(c, "Retrieving key for keyID: " + str);
        try {
            Key key = keyStore.getKey(str, g());
            if (key != null) {
                if (key instanceof PrivateKey) {
                    return new KeyPair(keyStore.getCertificate(str).getPublicKey(), (PrivateKey) key);
                }
                throw new OMMobileSecurityException(OMErrorCode.INTERNAL_ERROR, "Key is not an instanceof PrivateKey");
            }
            Log.d(c, "Key retrieved is null");
            int indexOf = str.indexOf("BASE");
            if (indexOf == -1) {
                indexOf = str.indexOf("PUSH");
            }
            if (indexOf != -1) {
                MFAAccount l = OMAApplication.f().d().l(str.substring(0, indexOf));
                if (l != null) {
                    Log.e(c, "MFAAccount for which key is null: " + l.getName());
                }
            }
            throw new OMMobileSecurityException(OMErrorCode.INTERNAL_ERROR, "Key retrieved is null");
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | OMAuthenticationManagerException | CryptoException | OMKeyManagerException e) {
            Log.e(c, e.getMessage(), e);
            throw new OMMobileSecurityException(OMErrorCode.INTERNAL_ERROR, e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:27:0x0039 -> B:7:0x0042). Please report as a decompilation issue!!! */
    private void l() {
        FileOutputStream fileOutputStream = null;
        fileOutputStream = null;
        try {
            try {
                try {
                    fileOutputStream = OMAApplication.f().getApplicationContext().openFileOutput("omaKeyStore.bks", 0);
                    this.f2573a.store(fileOutputStream, g());
                    oracle.idm.mobile.logging.a.a(c, "KeyStore Saved!");
                    fileOutputStream = fileOutputStream;
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                        fileOutputStream = fileOutputStream;
                    }
                } catch (Throwable th) {
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.close();
                        } catch (Exception e) {
                            Log.w(c, e.getMessage(), e);
                        }
                    }
                    throw th;
                }
            } catch (Exception e2) {
                oracle.idm.mobile.logging.a.d(c, e2.getMessage(), e2);
                fileOutputStream = fileOutputStream;
                if (fileOutputStream != null) {
                    fileOutputStream.close();
                    fileOutputStream = fileOutputStream;
                }
            }
        } catch (Exception e3) {
            String str = c;
            Log.w(str, e3.getMessage(), e3);
            fileOutputStream = str;
        }
    }

    private void m(KeyPair keyPair, String str, String str2) {
        Log.d(c, "storeKeyPair for keyId= " + str2);
        Certificate[] certificateArr = {b(keyPair, str, str2)};
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                this.f2574b.setKeyEntry(str2, keyPair.getPrivate(), null, certificateArr);
            } else {
                this.f2573a.setKeyEntry(str2, keyPair.getPrivate(), g(), certificateArr);
                l();
            }
        } catch (Exception e) {
            Log.w(c, "initKeyStore" + e.getMessage(), e);
            throw new OMKeyManagerException(OMErrorCode.INTERNAL_ERROR, "Exception while performing keyStore operation.");
        }
    }

    public boolean a(String str) {
        KeyStore keyStore;
        if (Build.VERSION.SDK_INT < 23) {
            keyStore = this.f2573a;
        } else {
            i(str);
            keyStore = this.f2574b;
        }
        return keyStore.containsAlias(str);
    }

    public KeyPair d(String str, String str2, int i) {
        KeyPairGenerator keyPairGenerator;
        Log.d(c, "generateKeyPair");
        KeyPair keyPair = null;
        try {
            if (Build.VERSION.SDK_INT < 23) {
                keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(i);
            } else {
                keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 4).setDigests("SHA-256").setSignaturePaddings("PKCS1").setKeySize(i).build());
            }
            keyPair = keyPairGenerator.generateKeyPair();
            m(keyPair, str2, str);
            return keyPair;
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | OMKeyManagerException e) {
            Log.e(c, e.getLocalizedMessage(), e);
            return keyPair;
        }
    }

    public void i(String str) {
        KeyPair keyPair;
        try {
            keyPair = k(this.f2573a, str);
        } catch (OMMobileSecurityException unused) {
            Log.d(c, "Exception in getting keyPair from old keystore.");
            keyPair = null;
        }
        if (keyPair != null) {
            try {
                m(keyPair, OMAApplication.f().d().E(str.replace("BASE", "").replace("PUSH", "")), str);
                this.f2573a.deleteEntry(str);
            } catch (KeyStoreException | OMKeyManagerException e) {
                Log.w(c, "unable to migrate keyPair to AndroidKeyStore from old keystore.", e);
            }
        }
    }

    public KeyPair j(String str) {
        KeyStore keyStore;
        if (Build.VERSION.SDK_INT < 23) {
            keyStore = this.f2573a;
        } else {
            i(str);
            keyStore = this.f2574b;
        }
        return k(keyStore, str);
    }
}
