package com.av.adblocker.filtering;

import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.security.KeyChain;
import com.adguard.corelibs.proxy.ProxyUtils;
import com.av.adblocker.Brand;
import com.av.adblocker.extensions.FileExtensionsKt;
import com.av.adblocker.utils.FileValidator;
import java.io.IOException;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.Locale;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.io.CloseableKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Regex;
import kotlin.text.StringsKt;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: HttpsCertificateService.kt */
@Metadata(d1 = {"\u0000L\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0007\u0018\u0000 \u00192\u00020\u0001:\u0002\u0018\u0019B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\b\u0010\u0005\u001a\u0004\u0018\u00010\u0006J\u0018\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\n2\b\u0010\u000b\u001a\u0004\u0018\u00010\fJ\u0006\u0010\r\u001a\u00020\bJ\u0006\u0010\u000e\u001a\u00020\u000fJ\b\u0010\u0010\u001a\u0004\u0018\u00010\u0011J$\u0010\u0012\u001a\u0004\u0018\u00010\u000f*\b\u0012\u0004\u0012\u00020\u000f0\u00132\u0006\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u0017H\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u001a"}, d2 = {"Lcom/av/adblocker/filtering/HttpsCertificateService;", "", "settingsAdapter", "Lcom/av/adblocker/filtering/SettingsAdapter;", "(Lcom/av/adblocker/filtering/SettingsAdapter;)V", "createInstallCaToSystemIntent", "Landroid/content/Intent;", "exportCaCertificate", "", "context", "Landroid/content/Context;", "uri", "Landroid/net/Uri;", "findCertificateInKeyStore", "generateCertificateCaFileNameToExport", "", "getOrCreateCertKeyPair", "Lcom/av/adblocker/filtering/HttpsCertificateService$CertKeyPair;", "findUserAliases", "Ljava/util/Enumeration;", "cert", "", "keyStore", "Ljava/security/KeyStore;", "CertKeyPair", "Companion", "app_totalavcontentblockplaystoreRelease"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes3.dex */
public final class HttpsCertificateService {
    private static final String ALIAS_IN_SYSTEM_PREFIX = "system";
    private static final String KEY_STORE_TYPE = "AndroidCAStore";
    private static final String MIME_TYPE_X509_CA_CERT = "crt";
    private final SettingsAdapter settingsAdapter;
    public static final int $stable = 8;
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) HttpsCertificateService.class);

    /* compiled from: HttpsCertificateService.kt */
    @Metadata(d1 = {"\u0000\u0016\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0010\u0011\n\u0002\u0010\u0012\n\u0002\b\n\b\u0007\u0018\u00002\u00020\u0001B\u0013\u0012\f\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003¢\u0006\u0002\u0010\u0005R\u0011\u0010\u0006\u001a\u00020\u00048F¢\u0006\u0006\u001a\u0004\b\u0007\u0010\bR\u0019\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003¢\u0006\n\n\u0002\u0010\u000b\u001a\u0004\b\t\u0010\nR\u0011\u0010\f\u001a\u00020\u00048F¢\u0006\u0006\u001a\u0004\b\r\u0010\b¨\u0006\u000e"}, d2 = {"Lcom/av/adblocker/filtering/HttpsCertificateService$CertKeyPair;", "", "pair", "", "", "([[B)V", "certificate", "getCertificate", "()[B", "getPair", "()[[B", "[[B", "privateKey", "getPrivateKey", "app_totalavcontentblockplaystoreRelease"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes3.dex */
    public static final class CertKeyPair {
        public static final int $stable = 8;
        private final byte[][] pair;

        public CertKeyPair(byte[][] pair) {
            Intrinsics.checkNotNullParameter(pair, "pair");
            this.pair = pair;
        }

        public final byte[] getCertificate() {
            return this.pair[0];
        }

        public final byte[][] getPair() {
            return this.pair;
        }

        public final byte[] getPrivateKey() {
            return this.pair[1];
        }
    }

    public HttpsCertificateService(SettingsAdapter settingsAdapter) {
        Intrinsics.checkNotNullParameter(settingsAdapter, "settingsAdapter");
        this.settingsAdapter = settingsAdapter;
    }

    private final String findUserAliases(Enumeration<String> enumeration, byte[] bArr, KeyStore keyStore) {
        LOG.info("Let's find system and user certificates");
        while (enumeration.hasMoreElements()) {
            String alias = enumeration.nextElement();
            Certificate certificate = keyStore.getCertificate(alias);
            X509Certificate x509Certificate = certificate instanceof X509Certificate ? (X509Certificate) certificate : null;
            if (x509Certificate != null) {
                String principal = x509Certificate.getSubjectDN().getName();
                Intrinsics.checkNotNullExpressionValue(principal, "principal");
                if (StringsKt.contains((CharSequence) principal, (CharSequence) this.settingsAdapter.getGetRootCaName().invoke(), true)) {
                    Logger logger = LOG;
                    logger.debug("Checking certificate: " + principal);
                    if (Arrays.equals(bArr, x509Certificate.getEncoded())) {
                        logger.debug("The AdGuard certificate is stored by alias: " + alias);
                        Intrinsics.checkNotNullExpressionValue(alias, "alias");
                        if (!StringsKt.startsWith$default(alias, ALIAS_IN_SYSTEM_PREFIX, false, 2, (Object) null)) {
                            return alias;
                        }
                    } else {
                        logger.debug("The encoded forms doesn't equals for certificate " + principal);
                    }
                } else {
                    continue;
                }
            }
        }
        return null;
    }

    public final Intent createInstallCaToSystemIntent() {
        byte[] certificate;
        Logger logger = LOG;
        logger.info("Request 'create an intent to install CA to the system' received");
        try {
            CertKeyPair orCreateCertKeyPair = getOrCreateCertKeyPair();
            if (orCreateCertKeyPair == null || (certificate = orCreateCertKeyPair.getCertificate()) == null) {
                HttpsCertificateService httpsCertificateService = this;
                logger.warn("Can't create an intent to install CA to the system: can't get the certificate or it is null");
                return null;
            }
            Intent createInstallIntent = KeyChain.createInstallIntent();
            createInstallIntent.putExtra("name", this.settingsAdapter.getGetCertificateNameInSystem().invoke());
            createInstallIntent.putExtra("CERT", certificate);
            return createInstallIntent;
        } catch (Throwable th) {
            LOG.error("Error while creating an 'install CA to System' intent", th);
            return null;
        }
    }

    public final boolean exportCaCertificate(Context context, Uri uri) {
        byte[] certificate;
        Intrinsics.checkNotNullParameter(context, "context");
        try {
            if (uri == null) {
                throw new IOException("The passed URI is null, can't export CA certificate");
            }
            String fileName = FileExtensionsKt.getFileName(context, uri);
            FileValidator.INSTANCE.validateFileName(fileName, MIME_TYPE_X509_CA_CERT);
            CertKeyPair orCreateCertKeyPair = getOrCreateCertKeyPair();
            if (orCreateCertKeyPair == null || (certificate = orCreateCertKeyPair.getCertificate()) == null) {
                throw new Exception("No certificate CA to export");
            }
            OutputStream openOutputStream = context.getContentResolver().openOutputStream(uri);
            Unit unit = null;
            if (openOutputStream != null) {
                OutputStream outputStream = openOutputStream;
                try {
                    outputStream.write(certificate);
                    Unit unit2 = Unit.INSTANCE;
                    CloseableKt.closeFinally(outputStream, null);
                    unit = Unit.INSTANCE;
                } finally {
                }
            }
            if (unit != null) {
                return true;
            }
            throw new IOException("Unable to open a file " + fileName + " to export a certificate CA");
        } catch (Throwable th) {
            LOG.error("The error occurred while exporting a certificate CA", th);
            return false;
        }
    }

    public final boolean findCertificateInKeyStore() {
        Logger logger = LOG;
        logger.info("Request 'find a CA certificate in the Key store' received");
        CertKeyPair orCreateCertKeyPair = getOrCreateCertKeyPair();
        byte[] certificate = orCreateCertKeyPair != null ? orCreateCertKeyPair.getCertificate() : null;
        if (certificate == null) {
            logger.info("CA certification isn't generated");
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            Intrinsics.checkNotNullExpressionValue(aliases, "keyStore.aliases()");
            Intrinsics.checkNotNullExpressionValue(keyStore, "keyStore");
            String findUserAliases = findUserAliases(aliases, certificate, keyStore);
            logger.info("Found certificate aliases: user=[" + findUserAliases + ']');
            return findUserAliases != null;
        } catch (Throwable th) {
            LOG.error("The error occurred while finding a certificate store type", th);
            return false;
        }
    }

    public final String generateCertificateCaFileNameToExport() {
        return new Regex("\\s+").replace(Brand.INSTANCE.getInstance().getBrandNameLower(), "_") + '_' + new SimpleDateFormat("ddMM_HHmmss", Locale.US).format(new Date()) + ".crt";
    }

    public final CertKeyPair getOrCreateCertKeyPair() {
        byte[][] rootKeyPair;
        try {
            Logger logger = LOG;
            logger.info("Let's get a CertKey pair from PEM");
            String invoke = this.settingsAdapter.getGetCertKeyPairInPem().invoke();
            if (invoke != null) {
                logger.info("The CertKey pair is found in Storage, let's reuse it");
                rootKeyPair = ProxyUtils.certKeyPairFromPEM(invoke);
                if (rootKeyPair != null) {
                    Intrinsics.checkNotNullExpressionValue(rootKeyPair, "rootKeyPair");
                    return new CertKeyPair(rootKeyPair);
                }
            }
            HttpsCertificateService httpsCertificateService = this;
            logger.info("The CertKey pair not found in Storage, let's generate it and use to extract date from PEM");
            byte[][] generateCACertKeyPair = ProxyUtils.generateCACertKeyPair(this.settingsAdapter.getGetRootCaName().invoke());
            Function1<String, Unit> setCertKeyPairInPem = this.settingsAdapter.getSetCertKeyPairInPem();
            String certKeyPairToPEM = ProxyUtils.certKeyPairToPEM(generateCACertKeyPair);
            Intrinsics.checkNotNullExpressionValue(certKeyPairToPEM, "certKeyPairToPEM(certKeyPair)");
            setCertKeyPairInPem.invoke(certKeyPairToPEM);
            rootKeyPair = generateCACertKeyPair;
            Intrinsics.checkNotNullExpressionValue(rootKeyPair, "rootKeyPair");
            return new CertKeyPair(rootKeyPair);
        } catch (Throwable unused) {
            LOG.error("The error occurred while generate CA certificate and private key");
            return null;
        }
    }
}
