package com.openpath.mobileaccesscore;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.appcompat.view.SupportMenuInflater$$ExternalSyntheticOutline0;
import androidx.multidex.MultiDexExtractor$$ExternalSyntheticOutline0;
import com.allegion.alsecurity.AlEcc;
import com.amazonaws.util.StringInputStream;
import com.google.android.gms.common.internal.zam$$ExternalSyntheticOutline0;
import com.myclay.claysdk.internal.Config;
import com.openpath.mobileaccesscore.helium.MobileNfcCredential;
import io.realm.internal.log.obfuscator.TokenObfuscator;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.ThreadFactory;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers$$ExternalSyntheticOutline0;
import org.bouncycastle.openssl.PEMParser;
import org.conscrypt.Conscrypt;
import org.conscrypt.OpenSSLContextImpl;
import org.jetbrains.anko._AppWidgetHostView$$ExternalSyntheticOutline1;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.spongycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
import org.spongycastle.util.io.pem.PemObject;
import org.spongycastle.util.io.pem.PemObjectGenerator;
import org.spongycastle.util.io.pem.PemWriter;

/* loaded from: classes3.dex */
public final class c1 {

    /* renamed from: e, reason: collision with root package name */
    public KeyStore f3619e = null;

    /* renamed from: f, reason: collision with root package name */
    public Context f3620f;

    /* loaded from: classes3.dex */
    public final class a implements Callable<HashMap<String, String>> {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ String f3621a;

        public a(String str) {
            this.f3621a = str;
        }

        @Override // java.util.concurrent.Callable
        public final HashMap<String, String> call() throws Exception {
            try {
                HashMap<String, String> x2 = c1.this.x("op-acu-configs");
                HashMap<String, String> hashMap = new HashMap<>();
                for (String str : x2.keySet()) {
                    if (str.startsWith(this.f3621a)) {
                        hashMap.put(str, x2.get(str));
                    }
                }
                return hashMap;
            } catch (Exception e2) {
                OpenpathLogging.e("loadUserAcuConfigsAsync error ", e2);
                return new HashMap<>();
            }
        }
    }

    /* loaded from: classes3.dex */
    public final class b implements Callable<HashMap<String, String>> {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ String f3623a;

        public b(String str) {
            this.f3623a = str;
        }

        @Override // java.util.concurrent.Callable
        public final HashMap<String, String> call() throws Exception {
            try {
                HashMap<String, String> x2 = c1.this.x("op-access-tokens");
                HashMap<String, String> hashMap = new HashMap<>();
                for (String str : x2.keySet()) {
                    if (str.startsWith(this.f3623a)) {
                        hashMap.put(str, x2.get(str));
                    }
                }
                return hashMap;
            } catch (Exception e2) {
                OpenpathLogging.e("loadUserAccessTokensAsync error ", e2);
                return new HashMap<>();
            }
        }
    }

    /* loaded from: classes3.dex */
    public class c implements PemObjectGenerator {

        /* renamed from: a, reason: collision with root package name */
        public Certificate f3625a;

        public c(Certificate certificate) {
            this.f3625a = certificate;
        }

        @Override // org.spongycastle.util.io.pem.PemObjectGenerator
        public final PemObject generate() {
            try {
                return new PemObject(PEMParser.TYPE_CERTIFICATE, this.f3625a.getEncoded());
            } catch (CertificateEncodingException e2) {
                OpenpathLogging.e("failed to generate pem", e2);
                return null;
            }
        }
    }

    /* loaded from: classes3.dex */
    public enum d {
        USER,
        AWS
    }

    /* loaded from: classes3.dex */
    public class e implements ThreadFactory {
        @Override // java.util.concurrent.ThreadFactory
        public final Thread newThread(Runnable runnable) {
            Thread thread = new Thread(runnable, "titanium_security");
            thread.setPriority(10);
            return thread;
        }
    }

    public c1(Context context) {
        this.f3620f = context;
        try {
            c();
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException | CertificateException | NoSuchPaddingException e2) {
            OpenpathLogging.e("failed to load key store", e2);
        }
    }

    public final String A(String str) {
        OpenpathLogging.v("loading thingName for " + str);
        try {
            HashMap<String, String> h2 = h();
            for (String str2 : h2.keySet()) {
                if (str2.equals(str)) {
                    return h2.get(str2);
                }
            }
        } catch (Exception e2) {
            OpenpathLogging.e("got error loading userOpal thingName", e2);
        }
        return "";
    }

    public final void a() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        File file = new File(this.f3620f.getFilesDir() + "op-api-tokens");
        if (file.exists()) {
            file.delete();
        }
        File file2 = new File(this.f3620f.getFilesDir() + "op-nfc-data");
        if (file2.exists()) {
            file2.delete();
        }
        File file3 = new File(this.f3620f.getFilesDir() + "op-aws-credentials");
        if (file3.exists()) {
            file3.delete();
        }
        File file4 = new File(this.f3620f.getFilesDir() + "op-aws-connection-data");
        if (file4.exists()) {
            file4.delete();
        }
        File file5 = new File(this.f3620f.getFilesDir() + "op-aws-thing-name");
        if (file5.exists()) {
            file5.delete();
        }
        File file6 = new File(this.f3620f.getFilesDir() + "op-aws-client-ids");
        if (file6.exists()) {
            file6.delete();
        }
        File file7 = new File(this.f3620f.getFilesDir() + "op-allegion-credentials");
        if (file7.exists()) {
            file7.delete();
        }
        File file8 = new File(this.f3620f.getFilesDir() + "op-allegion-payloads");
        if (file8.exists()) {
            file8.delete();
        }
        File file9 = new File(this.f3620f.getFilesDir() + "op-access-tokens");
        if (file9.exists()) {
            file9.delete();
        }
        File file10 = new File(this.f3620f.getFilesDir() + "op-acu-configs");
        if (file10.exists()) {
            file10.delete();
        }
        File file11 = new File(this.f3620f.getFilesDir() + "op-ks-pass");
        if (file11.exists()) {
            file11.delete();
        }
        File file12 = new File(this.f3620f.getFilesDir() + "op-bks-ks");
        if (file12.exists()) {
            file12.delete();
        }
        KeyStore keyStore = KeyStore.getInstance(Config.Keystore.ANDROID_KEY_STORE);
        keyStore.load(null);
        if (keyStore.containsAlias("opPassAlias")) {
            keyStore.deleteEntry("opPassAlias");
        }
        this.f3619e = null;
    }

    public final void a(String str, MobileNfcCredential mobileNfcCredential) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, NoSuchProviderException, IllegalBlockSizeException {
        OpenpathLogging.v("add nfc data to user keypair");
        a(str, mobileNfcCredential.appId + "," + mobileNfcCredential.appReadKeyNumber + "," + mobileNfcCredential.appReadKey + "," + mobileNfcCredential.fileNumber + "," + mobileNfcCredential.fileOffset + "," + mobileNfcCredential.fileData, "op-nfc-data");
    }

    public final void a(String str, String str2, d dVar) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, KeyStoreException, JSONException {
        StringBuilder sb;
        String str3;
        OpenpathLogging.v("add ca chain to user keypair");
        if (dVar == d.AWS) {
            sb = new StringBuilder();
            str3 = "opAwsCaCertAlias-";
        } else {
            sb = new StringBuilder();
            str3 = "opCaCertAlias-";
        }
        sb.append(str3);
        sb.append(str);
        String sb2 = sb.toString();
        d(sb2);
        JSONArray jSONArray = new JSONObject(str2).getJSONArray("caChain");
        CertificateFactory certificateFactory = new CertificateFactory();
        int length = jSONArray.length();
        Certificate[] certificateArr = new Certificate[length];
        for (int i2 = 0; i2 < jSONArray.length(); i2++) {
            certificateArr[i2] = certificateFactory.engineGenerateCertificate(new StringInputStream(jSONArray.getJSONObject(i2).getString("pem")));
        }
        KeyStore c2 = c();
        for (int i3 = 0; i3 < length; i3++) {
            c2.setCertificateEntry(MultiDexExtractor$$ExternalSyntheticOutline0.m(sb2, "-", i3), certificateArr[i3]);
        }
        i();
    }

    public final void a(String str, String str2, String str3) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        HashMap<String, String> x2 = x(str3);
        x2.put(str, str2);
        String str4 = "";
        for (String str5 : x2.keySet()) {
            str4 = v$b$$ExternalSyntheticLambda2.m(zam$$ExternalSyntheticOutline0.m(str4, str5, ","), x2.get(str5), "\n");
        }
        f(str4, this.f3620f.getFilesDir() + str3);
    }

    public final void a(String str, String str2, HashMap hashMap) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        HashMap<String, String> x2 = x(str2);
        for (String str3 : hashMap.keySet()) {
            x2.put(PKCSObjectIdentifiers$$ExternalSyntheticOutline0.m(str, "-", str3), (String) hashMap.get(str3));
        }
        StringBuilder sb = new StringBuilder();
        for (String str4 : x2.keySet()) {
            sb.append(str4);
            sb.append(",");
            sb.append(x2.get(str4));
            sb.append("\n");
        }
        f(sb.toString(), this.f3620f.getFilesDir() + str2);
    }

    public final void b(String str, String str2, String str3, String str4) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, KeyStoreException, BadPaddingException, IllegalBlockSizeException {
        OpenpathLogging.v("adding aws credentials for " + str + " to aws credentials file");
        HashMap<String, ArrayList<String>> g2 = g();
        ArrayList<String> arrayList = new ArrayList<>();
        arrayList.add(str2);
        arrayList.add(str3);
        arrayList.add(str4);
        g2.put(str, arrayList);
        String str5 = "";
        for (String str6 : g2.keySet()) {
            StringBuilder m2 = zam$$ExternalSyntheticOutline0.m(str5, str6, ",");
            m2.append(g2.get(str6).get(0));
            m2.append(",");
            m2.append(g2.get(str6).get(1));
            m2.append(",");
            str5 = v$b$$ExternalSyntheticLambda2.m(m2, g2.get(str6).get(2), "\n");
        }
        OpenpathLogging.v("encrypting aws credentials and writing to file");
        f(str5, this.f3620f.getFilesDir() + "op-aws-credentials");
    }

    public final KeyStore c() throws CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, KeyStoreException, InvalidAlgorithmParameterException, UnrecoverableKeyException, NoSuchPaddingException, InvalidKeyException {
        StringBuilder m2 = _AppWidgetHostView$$ExternalSyntheticOutline1.m("loadBKSKeyStore ");
        m2.append(this.f3619e);
        OpenpathLogging.v(m2.toString());
        if (this.f3619e == null) {
            this.f3619e = KeyStore.getInstance("BKS");
            if (new File(this.f3620f.getFilesDir() + "op-bks-ks").exists()) {
                this.f3619e.load(new FileInputStream(this.f3620f.getFilesDir() + "op-bks-ks"), d().toCharArray());
            } else {
                this.f3619e.load(null);
            }
        }
        return this.f3619e;
    }

    public final KeyStore c(String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException {
        OpenpathLogging.v("loading ca");
        String[] strArr = {"org", "intermediate3", "intermediate2", "root"};
        Certificate[] g2 = g(str);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        for (int i2 = 0; i2 < g2.length; i2++) {
            keyStore.setCertificateEntry(strArr[i2], g2[i2]);
        }
        return keyStore;
    }

    /* renamed from: c, reason: collision with other method in class */
    public final void m4084c(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, NoSuchProviderException, IllegalBlockSizeException {
        d(str, "op-api-tokens");
        d(str, "op-nfc-data");
        d(str, "op-aws-credentials");
        d(str, "op-aws-client-ids");
        d(str, "op-allegion-credentials");
        d(str, "op-allegion-payloads");
        d(str, "op-access-tokens");
        d(str, "op-acu-configs");
    }

    public final String d() throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, UnrecoverableKeyException, IOException, CertificateException, InvalidKeyException, NoSuchPaddingException {
        KeyPairGenerator keyPairGenerator;
        AlgorithmParameterSpec build;
        KeyStore keyStore = KeyStore.getInstance(Config.Keystore.ANDROID_KEY_STORE);
        keyStore.load(null);
        if (!keyStore.containsAlias("opPassAlias")) {
            OpenpathLogging.v("generating new password keypair");
            if (Build.VERSION.SDK_INT >= 23) {
                keyPairGenerator = KeyPairGenerator.getInstance("RSA", Config.Keystore.ANDROID_KEY_STORE);
                build = new KeyGenParameterSpec.Builder("opPassAlias", 3).setEncryptionPaddings("PKCS1Padding").setDigests("SHA-256", "SHA-512").build();
            } else {
                keyPairGenerator = KeyPairGenerator.getInstance("RSA", Config.Keystore.ANDROID_KEY_STORE);
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 30);
                build = new KeyPairGeneratorSpec.Builder(this.f3620f).setAlias("opPassAlias").setSubject(new X500Principal("CN=opPassAlias")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            }
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        }
        OpenpathLogging.v("loaded password keypair");
        File file = new File(this.f3620f.getFilesDir() + "op-ks-pass");
        if (!file.exists() || !keyStore.containsAlias("opPassAlias")) {
            String bigInteger = new BigInteger(130, new SecureRandom()).toString(32);
            OpenpathLogging.v("generated new password");
            OpenpathLogging.v("encrypting new password and saving to file");
            PublicKey publicKey = keyStore.getCertificate("opPassAlias").getPublicKey();
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            cipher.init(1, publicKey);
            byte[] bytes = bigInteger.getBytes();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(bytes);
            cipherOutputStream.close();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file));
            bufferedOutputStream.write(byteArray);
            bufferedOutputStream.close();
            return bigInteger;
        }
        OpenpathLogging.v("loading password from file and decrypting");
        int length = (int) file.length();
        byte[] bArr = new byte[length];
        new BufferedInputStream(new FileInputStream(file)).read(bArr, 0, length);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey("opPassAlias", null);
        Cipher cipher2 = Cipher.getInstance("RSA/NONE/PKCS1Padding");
        cipher2.init(2, privateKey);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher2);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            bArr2[i2] = ((Byte) arrayList.get(i2)).byteValue();
        }
        String str = new String(bArr2, 0, size, "UTF-8");
        OpenpathLogging.v("loaded password from file");
        return str;
    }

    public final void d(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        KeyStore c2 = c();
        Enumeration<String> aliases = c2.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (nextElement.startsWith(str)) {
                OpenpathLogging.v("deleting " + nextElement + " from keystore");
                c2.deleteEntry(nextElement);
            }
        }
    }

    public final void d(String str, String str2) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchProviderException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        HashMap<String, String> x2 = x(str2);
        String str3 = "";
        for (String str4 : x2.keySet()) {
            if (!str4.equals(str)) {
                str3 = v$b$$ExternalSyntheticLambda2.m(zam$$ExternalSyntheticOutline0.m(str3, str4, ","), x2.get(str4), "\n");
            }
        }
        f(str3, this.f3620f.getFilesDir() + str2);
    }

    public final HashMap<String, String> e() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException, UnrecoverableKeyException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        OpenpathLogging.v("loading api tokens from file and decrypting");
        return x("op-api-tokens");
    }

    public final Certificate[] e(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, KeyStoreException {
        return h("opAwsCaCertAlias-" + str);
    }

    public final String f(String str) {
        OpenpathLogging.d("getting AWS endpoint");
        try {
            HashMap<String, String> f2 = f();
            for (String str2 : f2.keySet()) {
                if (str2.equals(str) && f2.get(str2) != null) {
                    return new JSONObject(f2.get(str2)).getString("endpoint");
                }
            }
        } catch (Exception e2) {
            OpenpathLogging.e("got error getting AWS connection endpoint", e2);
        }
        return "";
    }

    public final HashMap<String, String> f() throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, NoSuchProviderException, IllegalBlockSizeException {
        OpenpathLogging.v("loading aws connection data from file and decrypting");
        String q2 = q(this.f3620f.getFilesDir() + "op-aws-connection-data");
        HashMap<String, String> hashMap = new HashMap<>();
        for (String str : q2.split("\n")) {
            if (str.length() > 0) {
                hashMap.put(str.split(",")[0], str.substring(str.indexOf(",") + 1));
            }
        }
        return hashMap;
    }

    public final void f(String str, String str2) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnrecoverableKeyException {
        byte[] bytes = d().getBytes();
        byte[] bArr = new byte[16];
        System.arraycopy(bytes, 0, bArr, 0, bytes.length < 16 ? bytes.length : 16);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding");
        cipher.init(1, secretKeySpec);
        byte[] doFinal = cipher.doFinal(str.getBytes());
        BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(new File(str2)));
        bufferedOutputStream.write(doFinal);
        bufferedOutputStream.close();
    }

    public final HashMap<String, ArrayList<String>> g() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException, UnrecoverableKeyException, InvalidKeyException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException {
        OpenpathLogging.v("loading aws credentials from file and decrypting");
        String q2 = q(this.f3620f.getFilesDir() + "op-aws-credentials");
        HashMap<String, ArrayList<String>> hashMap = new HashMap<>();
        for (String str : q2.split("\n")) {
            int length = str.length() - str.replace(",", "").length();
            if (str.length() > 0 && length == 3) {
                String str2 = str.split(",")[0];
                ArrayList<String> arrayList = new ArrayList<>();
                arrayList.add(str.split(",")[1]);
                arrayList.add(str.split(",")[2]);
                arrayList.add(str.split(",")[3]);
                hashMap.put(str2, arrayList);
                OpenpathLogging.v("loaded aws credential from file for user " + str2);
            }
        }
        return hashMap;
    }

    public final Certificate[] g(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, KeyStoreException {
        return h("opCaCertAlias-" + str);
    }

    public final HashMap<String, String> h() throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, NoSuchProviderException, IllegalBlockSizeException {
        OpenpathLogging.v("loading thingNames from file and decrypting");
        String q2 = q(this.f3620f.getFilesDir() + "op-aws-thing-name");
        HashMap<String, String> hashMap = new HashMap<>();
        for (String str : q2.split("\n")) {
            if (str.length() > 0) {
                hashMap.put(str.split(",")[0], str.split(",")[1]);
            }
        }
        return hashMap;
    }

    public final void h(String str, String str2) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, KeyStoreException, BadPaddingException, IllegalBlockSizeException {
        OpenpathLogging.v("adding aws connection data for " + str + " to aws connection data file");
        HashMap<String, String> f2 = f();
        f2.put(str, str2);
        StringBuilder sb = new StringBuilder();
        for (String str3 : f2.keySet()) {
            sb.append(str3);
            sb.append(",");
            sb.append(f2.get(str3));
            sb.append("\n");
        }
        OpenpathLogging.v("encrypting aws connection data and writing to file");
        f(sb.toString(), this.f3620f.getFilesDir() + "op-aws-connection-data");
    }

    public final Certificate[] h(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        KeyStore c2 = c();
        HashMap hashMap = new HashMap();
        Enumeration<String> aliases = c2.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (nextElement.startsWith(str)) {
                hashMap.put(nextElement, c2.getCertificate(nextElement));
            }
        }
        Certificate[] certificateArr = new Certificate[hashMap.size()];
        for (int i2 = 0; i2 < hashMap.size(); i2++) {
            certificateArr[i2] = (Certificate) hashMap.get(str + "-" + i2);
        }
        return certificateArr;
    }

    public final ArrayList<String> i(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        ArrayList<String> arrayList = new ArrayList<>();
        Certificate[] h2 = h("opCertAlias-" + str);
        for (int i2 = 1; i2 < h2.length; i2++) {
            Certificate certificate = h2[i2];
            StringWriter stringWriter = new StringWriter();
            try {
                PemWriter pemWriter = new PemWriter(stringWriter);
                try {
                    pemWriter.writeObject(new c(certificate));
                    pemWriter.close();
                    String stringWriter2 = stringWriter.toString();
                    stringWriter.close();
                    arrayList.add(stringWriter2);
                } finally {
                }
            } catch (Throwable th) {
                try {
                    stringWriter.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
        return arrayList;
    }

    public final void i() throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, KeyStoreException {
        KeyStore c2 = c();
        FileOutputStream fileOutputStream = new FileOutputStream(this.f3620f.getFilesDir() + "op-bks-ks");
        c2.store(fileOutputStream, d().toCharArray());
        fileOutputStream.close();
    }

    public final void i(String str, String str2) throws IOException, KeyStoreException, CertificateException, NoSuchPaddingException, UnrecoverableKeyException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, InvalidAlgorithmParameterException, JSONException {
        OpenpathLogging.v("adding user AWS IoT certs to user keypair");
        String str3 = "opAwsCertAlias-" + str + "-0";
        d(str3);
        c().setCertificateEntry(str3, new CertificateFactory().engineGenerateCertificate(new StringInputStream(new JSONObject(str2).getString("certificate"))));
        i();
    }

    public final String j(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        Certificate certificate = h("opCertAlias-" + str)[0];
        if (certificate == null) {
            return "";
        }
        StringWriter stringWriter = new StringWriter();
        try {
            PemWriter pemWriter = new PemWriter(stringWriter);
            try {
                pemWriter.writeObject(new c(certificate));
                pemWriter.close();
                String stringWriter2 = stringWriter.toString();
                stringWriter.close();
                return stringWriter2;
            } finally {
            }
        } catch (Throwable th) {
            try {
                stringWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public final void j(String str, String str2) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        OpenpathLogging.v("adding thing name for " + str + " to thing name file");
        HashMap<String, String> h2 = h();
        h2.put(str, str2);
        StringBuilder sb = new StringBuilder();
        for (String str3 : h2.keySet()) {
            sb.append(str3);
            sb.append(",");
            sb.append(h2.get(str3));
            sb.append("\n");
        }
        OpenpathLogging.v("encrypting things names and writing to file");
        f(sb.toString(), this.f3620f.getFilesDir() + "op-aws-thing-name");
    }

    public final MobileNfcCredential k(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchProviderException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        HashMap<String, String> x2 = x("op-nfc-data");
        if (!x2.containsKey(str)) {
            return null;
        }
        String[] split = x2.get(str).split(",");
        return new MobileNfcCredential(split[0], Integer.parseInt(split[1]), split[2], Integer.parseInt(split[3]), Integer.parseInt(split[4]), split[5]);
    }

    public final String k(String str, String str2) throws NoSuchAlgorithmException, CertificateException, NoSuchPaddingException, UnrecoverableKeyException, IOException, KeyStoreException, NoSuchProviderException, InvalidAlgorithmParameterException, InvalidKeyException, SignatureException {
        KeyStore c2 = c();
        String m2 = SupportMenuInflater$$ExternalSyntheticOutline0.m("opKeyAlias-", str);
        Signature signature = Signature.getInstance(AlEcc.ECDSA_256_SIG);
        signature.initSign((PrivateKey) c2.getKey(m2, null));
        signature.update(str2.getBytes(StandardCharsets.US_ASCII));
        return Base64.encodeToString(signature.sign(), 2);
    }

    public final SSLSocketFactory l(String str) {
        try {
            if (g(str).length < 1) {
                throw new Exception("CA chain is not available");
            }
            KeyStore p2 = p(str);
            KeyStore o2 = o(str);
            OpenpathLogging.d(TrustManagerFactory.getDefaultAlgorithm());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(p2);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(o2, null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (!e0.ALNP_AWS.isEnabled()) {
                SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagers, new SecureRandom());
                return sSLContext.getSocketFactory();
            }
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            try {
                OpenSSLContextImpl openSSLContextImpl = (OpenSSLContextImpl) Conscrypt.newPreferredSSLContextSpi();
                openSSLContextImpl.engineInit(keyManagers, trustManagers, new SecureRandom());
                final SSLSocketFactory engineGetSocketFactory = openSSLContextImpl.engineGetSocketFactory();
                return new SSLSocketFactory(engineGetSocketFactory) { // from class: com.openpath.mobileaccesscore.y$a

                    /* renamed from: a, reason: collision with root package name */
                    public final String[] f3889a = {"x-amzn-mqtt-ca"};

                    /* renamed from: c, reason: collision with root package name */
                    public final SSLSocketFactory f3890c;

                    {
                        this.f3890c = engineGetSocketFactory;
                    }

                    public final void a(Socket socket) {
                        if (socket == null || !(socket instanceof SSLSocket)) {
                            return;
                        }
                        SSLSocket sSLSocket = (SSLSocket) socket;
                        sSLSocket.setEnabledProtocols(new String[]{"TLSv1.2"});
                        if (Conscrypt.isConscrypt(sSLSocket)) {
                            Conscrypt.setApplicationProtocols(sSLSocket, this.f3889a);
                        }
                    }

                    @Override // javax.net.SocketFactory
                    public final Socket createSocket() throws IOException {
                        Socket createSocket = this.f3890c.createSocket();
                        a(createSocket);
                        return createSocket;
                    }

                    @Override // javax.net.SocketFactory
                    public final Socket createSocket(String str2, int i2) throws IOException {
                        Socket createSocket = this.f3890c.createSocket(str2, i2);
                        a(createSocket);
                        return createSocket;
                    }

                    @Override // javax.net.SocketFactory
                    public final Socket createSocket(String str2, int i2, InetAddress inetAddress, int i3) throws IOException {
                        Socket createSocket = this.f3890c.createSocket(str2, i2, inetAddress, i3);
                        a(createSocket);
                        return createSocket;
                    }

                    @Override // javax.net.SocketFactory
                    public final Socket createSocket(InetAddress inetAddress, int i2) throws IOException {
                        Socket createSocket = this.f3890c.createSocket(inetAddress, i2);
                        a(createSocket);
                        return createSocket;
                    }

                    @Override // javax.net.SocketFactory
                    public final Socket createSocket(InetAddress inetAddress, int i2, InetAddress inetAddress2, int i3) throws IOException {
                        Socket createSocket = this.f3890c.createSocket(inetAddress, i2, inetAddress2, i3);
                        a(createSocket);
                        return createSocket;
                    }

                    @Override // javax.net.ssl.SSLSocketFactory
                    public final Socket createSocket(Socket socket, String str2, int i2, boolean z2) throws IOException {
                        Socket createSocket = this.f3890c.createSocket(socket, str2, i2, z2);
                        a(createSocket);
                        return createSocket;
                    }

                    @Override // javax.net.ssl.SSLSocketFactory
                    public final String[] getDefaultCipherSuites() {
                        return this.f3890c.getDefaultCipherSuites();
                    }

                    @Override // javax.net.ssl.SSLSocketFactory
                    public final String[] getSupportedCipherSuites() {
                        return this.f3890c.getSupportedCipherSuites();
                    }
                };
            } catch (Exception e2) {
                OpenpathLogging.e("got error initializing Conscrypt", e2);
                return null;
            }
        } catch (Exception e3) {
            OpenpathLogging.e("cannot return SSLSocketFactory", e3);
            return null;
        }
    }

    public final boolean n(String str) {
        try {
            StringBuilder sb = new StringBuilder();
            sb.append("opAwsCertAlias-");
            sb.append(str);
            return h(sb.toString()).length > 0;
        } catch (Exception e2) {
            OpenpathLogging.e("error checking userOpal's IoT cert present", e2);
            return false;
        }
    }

    public final KeyStore o(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        OpenpathLogging.v("loading aws keypair and cert");
        PrivateKey privateKey = (PrivateKey) c().getKey("opKeyAlias-" + str, null);
        Certificate[] h2 = h("opAwsCertAlias-" + str);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setKeyEntry(SupportMenuInflater$$ExternalSyntheticOutline0.m("opAwsKeyAlias-", str), privateKey, null, h2);
        return keyStore;
    }

    public final KeyStore p(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException {
        OpenpathLogging.v("loading AWS root cert");
        Certificate[] h2 = h("opAwsCaCertAlias-" + str);
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        for (Certificate certificate : h2) {
            keyStore.setCertificateEntry("ca-certificate", certificate);
        }
        return keyStore;
    }

    public final String q(String str) throws IOException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, CertificateException, NoSuchProviderException, KeyStoreException, InvalidAlgorithmParameterException, UnrecoverableKeyException, BadPaddingException, IllegalBlockSizeException {
        File file = new File(str);
        if (!file.exists()) {
            return "";
        }
        int length = (int) file.length();
        byte[] bArr = new byte[length];
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
        bufferedInputStream.read(bArr, 0, length);
        bufferedInputStream.close();
        byte[] bytes = d().getBytes();
        byte[] bArr2 = new byte[16];
        System.arraycopy(bytes, 0, bArr2, 0, bytes.length < 16 ? bytes.length : 16);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding");
        cipher.init(2, secretKeySpec);
        byte[] doFinal = cipher.doFinal(bArr);
        return new String(doFinal, 0, doFinal.length);
    }

    public final KeyStore r(String str) throws CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, KeyStoreException, UnrecoverableEntryException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException {
        OpenpathLogging.v("loading keypair and cert");
        KeyStore c2 = c();
        String m2 = SupportMenuInflater$$ExternalSyntheticOutline0.m("opKeyAlias-", str);
        PrivateKey privateKey = (PrivateKey) c2.getKey(m2, null);
        Certificate[] h2 = h("opCertAlias-" + str);
        KeyStore keyStore = KeyStore.getInstance("BKS");
        keyStore.load(null);
        keyStore.setKeyEntry(m2, privateKey, null, h2);
        return keyStore;
    }

    public final HashMap<String, String> s(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchProviderException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        HashMap<String, String> x2 = x("op-access-tokens");
        HashMap<String, String> hashMap = new HashMap<>();
        for (String str2 : x2.keySet()) {
            if (str2.startsWith(str)) {
                hashMap.put(str2, x2.get(str2));
            }
        }
        return hashMap;
    }

    public final HashMap<String, String> u(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchProviderException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        HashMap<String, String> x2 = x("op-acu-configs");
        HashMap<String, String> hashMap = new HashMap<>();
        for (String str2 : x2.keySet()) {
            if (str2.startsWith(str)) {
                hashMap.put(str2, x2.get(str2));
            }
        }
        return hashMap;
    }

    public final HashMap<String, String> w(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchProviderException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        HashMap<String, String> x2 = x("op-allegion-credentials");
        HashMap<String, String> hashMap = new HashMap<>();
        String str2 = x2.get(str);
        if (str2 != null) {
            String[] split = str2.split(":");
            hashMap.put("subscriptionKey", split[0]);
            hashMap.put("integrationId", split[1]);
            hashMap.put(TokenObfuscator.ACCESS_TOKEN_KEY, split[2]);
        }
        return hashMap;
    }

    public final HashMap<String, String> x(String str) throws IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, KeyStoreException, NoSuchProviderException, IllegalBlockSizeException {
        String q2 = q(this.f3620f.getFilesDir() + str);
        HashMap<String, String> hashMap = new HashMap<>();
        for (String str2 : q2.split("\n")) {
            if (str2.length() > 0 && str2.indexOf(44) != -1) {
                hashMap.put(str2.split(",")[0], str2.substring(str2.indexOf(",") + 1));
            }
        }
        return hashMap;
    }

    public final HashMap<String, String> y(String str) {
        HashMap<String, String> hashMap = new HashMap<>();
        try {
            new HashMap();
            ExecutorService newSingleThreadExecutor = Executors.newSingleThreadExecutor(new e());
            Iterator it = ((HashMap) newSingleThreadExecutor.submit(new b(str)).get()).values().iterator();
            while (it.hasNext()) {
                JSONObject jSONObject = new JSONObject((String) it.next());
                if (!jSONObject.has("revision")) {
                    break;
                }
                hashMap.put(jSONObject.getString("acuOpal"), jSONObject.getString("revision"));
            }
            newSingleThreadExecutor.shutdown();
        } catch (Exception e2) {
            OpenpathLogging.e("loadUserTokenRevisions error ", e2);
        }
        return hashMap;
    }

    public final HashMap<String, String> z(String str) {
        HashMap<String, String> hashMap = new HashMap<>();
        try {
            new HashMap();
            ExecutorService newSingleThreadExecutor = Executors.newSingleThreadExecutor(new e());
            Iterator it = ((HashMap) newSingleThreadExecutor.submit(new a(str)).get()).values().iterator();
            while (it.hasNext()) {
                JSONObject jSONObject = new JSONObject((String) it.next());
                if (!jSONObject.has("phoneConfig")) {
                    break;
                }
                hashMap.put(jSONObject.getString("acuOpal"), jSONObject.getString("hash"));
            }
            newSingleThreadExecutor.shutdown();
        } catch (Exception e2) {
            OpenpathLogging.e("loadUserPhoneConfigHashes error ", e2);
        }
        return hashMap;
    }
}
