package com.sen.osmo.util;

import android.content.Context;
import android.content.res.Resources;
import android.net.Uri;
import android.text.TextUtils;
import androidx.annotation.NonNull;
import com.androidcore.osmc.LocalUser;
import com.androidcore.osmc.WebService;
import com.sen.osmo.log.Log;
import com.sen.osmo.restservice.connection.security.MyKeyManager;
import com.sen.osmo.settings.SecurePrefs;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Vector;

/* loaded from: classes3.dex */
public class CertificateUtil {
    public static final String MY_KEY_ALIAS = "my_key_alias";
    public static final String MY_KEY_STORE = "mykeystore.bks";
    public static final String MY_KEY_STORE_PASSWORD = "changeit";

    public static boolean deleteCertificate(Context context, int i2) {
        try {
            KeyStore keyStore = getKeyStore(context);
            if (keyStore == null) {
                return false;
            }
            Vector vector = new Vector(5);
            readCertificates(context, vector);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (((X509Certificate) vector.get(i2)).getSubjectX500Principal().equals(certificate instanceof X509Certificate ? ((X509Certificate) certificate).getSubjectX500Principal() : null)) {
                    AndroidKeyStoreHelper.deleteCertificate(nextElement);
                    Log.v("CertificateUtil", "deleted " + nextElement);
                }
            }
            return true;
        } catch (Resources.NotFoundException | IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | javax.security.cert.CertificateException e2) {
            Log.e("CertificateUtil", "deleteCertificate", e2);
            return true;
        }
    }

    public static void deleteSipCertificate(Context context) {
        if (sipCertificateExists(context)) {
            Log.d("CertificateUtil", "SIP certificate deleted " + new File(getSipCertificatePath(context)).delete());
        }
    }

    public static KeyStore getKeyBKSStore(Context context) {
        if (context == null) {
            Log.e("CertificateUtil", "getKeyStore context is null");
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance("bks");
        File file = new File(context.getFilesDir(), MY_KEY_STORE);
        FileInputStream fileInputStream = file.exists() ? new FileInputStream(file) : null;
        keyStore.load(fileInputStream, MY_KEY_STORE_PASSWORD.toCharArray());
        if (fileInputStream != null) {
            fileInputStream.close();
        }
        return keyStore;
    }

    public static KeyStore getKeyStore(Context context) {
        return AndroidKeyStoreHelper.getKeyStore();
    }

    @NonNull
    public static String getSipCertificatePath(Context context) {
        return context.getFilesDir() + File.separator + "mtls_sip.p12";
    }

    public static int readCertificates(Context context, Vector<X509Certificate> vector) {
        KeyStore keyStore;
        Certificate certificate;
        int i2 = -1;
        try {
            keyStore = getKeyStore(context);
        } catch (Resources.NotFoundException e2) {
            e = e2;
            Log.e("CertificateUtil", "readCertificates io failed", e);
            return i2;
        } catch (IOException e3) {
            e = e3;
            Log.e("CertificateUtil", "readCertificates io failed", e);
            return i2;
        } catch (KeyStoreException e4) {
            e = e4;
            Log.e("CertificateUtil", "readCertificates failed", e);
            return i2;
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            Log.e("CertificateUtil", "readCertificates failed", e);
            return i2;
        } catch (UnrecoverableKeyException e6) {
            e = e6;
            Log.e("CertificateUtil", "readCertificates failed", e);
            return i2;
        } catch (CertificateException e7) {
            e = e7;
            Log.e("CertificateUtil", "readCertificates io failed", e);
            return i2;
        } catch (javax.security.cert.CertificateException e8) {
            e = e8;
            Log.e("CertificateUtil", "readCertificates failed", e);
            return i2;
        }
        if (keyStore == null) {
            return -1;
        }
        Enumeration<String> aliases = keyStore.aliases();
        int i3 = 0;
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            String str = MyKeyManager.selectedClientAlias;
            if (LocalUser.getLoggedInUser() != null && WebService.getBaseURL().toLowerCase().startsWith("https") && str != null && str.equalsIgnoreCase(nextElement)) {
                i2 = i3;
            }
            if ((keyStore.getKey(nextElement, null) instanceof PrivateKey) && (certificate = keyStore.getCertificate(nextElement)) != null && (certificate instanceof X509Certificate)) {
                vector.add((X509Certificate) certificate);
            }
            i3++;
        }
        return i2;
    }

    public static boolean saveSipCertificate(Context context, Uri uri, String str) {
        try {
            InputStream openInputStream = context.getContentResolver().openInputStream(uri);
            FileOutputStream fileOutputStream = new FileOutputStream(new File(getSipCertificatePath(context)));
            if (openInputStream == null) {
                Log.e("CertificateUtil", "saveSipCertificate input is null");
                return false;
            }
            byte[] bArr = new byte[1024];
            while (true) {
                int read = openInputStream.read(bArr);
                if (read <= 0) {
                    openInputStream.close();
                    fileOutputStream.flush();
                    fileOutputStream.close();
                    SecurePrefs.saveCertificatePassword(context, str);
                    Log.i("CertificateUtil", "SIP certificate saved");
                    return true;
                }
                fileOutputStream.write(bArr, 0, read);
            }
        } catch (Exception e2) {
            Log.e("CertificateUtil", "Failed to save certificate for MTLS", e2);
            return false;
        }
    }

    public static boolean saveSipCertificateFromMDM(Context context, byte[] bArr, String str) {
        if (bArr != null) {
            try {
                if (!TextUtils.isEmpty(str) && bArr.length > 0) {
                    ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                    FileOutputStream fileOutputStream = new FileOutputStream(new File(getSipCertificatePath(context)));
                    byte[] bArr2 = new byte[1024];
                    while (true) {
                        int read = byteArrayInputStream.read(bArr2);
                        if (read <= 0) {
                            byteArrayInputStream.close();
                            fileOutputStream.flush();
                            fileOutputStream.close();
                            SecurePrefs.saveCertificatePassword(context, str);
                            Log.i("CertificateUtil", "MDM. SIP certificate saved");
                            return true;
                        }
                        fileOutputStream.write(bArr2, 0, read);
                    }
                }
            } catch (Exception e2) {
                Log.e("CertificateUtil", "Failed to save certificate for MTLS", e2);
                return false;
            }
        }
        Log.e("CertificateUtil", "saveSipCertificate input is null");
        return false;
    }

    public static boolean sipCertificateExists(Context context) {
        File file = new File(getSipCertificatePath(context));
        return file.exists() && file.length() > 0;
    }
}
