package com.tomtom.mydrive.communication.common;

import android.content.Context;
import android.support.annotation.NonNull;
import com.tomtom.mydrive.commons.Defrobnication;
import com.tomtom.mydrive.communication.helpers.CertificateHelper;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import nl.nspyre.commons.logging.Log;
import nl.nspyre.commons.logging.Logger;
import org.apache.commons.lang3.StringUtils;
import org.spongycastle.util.encoders.Hex;

@Log(tag = "KeyStoreManager")
/* loaded from: classes.dex */
public class KeyStoreManager {
    private static final String KEYSTORE_FILENAME = "keystore";
    protected static final String KEYSTORE_KEY_ENTRY_ALIAS = "key";
    protected static final String KEYSTORE_TYPE = "BKS";
    private static final String KEY_PAIR_GENERATOR_ALGORITHM = "RSA";
    private static final int KEY_PAIR_SIZE = 2048;
    protected static final String MESSAGE_DIGEST_ALGORITHM = "SHA-256";
    private static final int NUMBER_OF_NIBBLES = 5;
    private static final int PAIRING_NUMBER_SIZE = 6;
    private static final char VERIFICATION_KEY_PADDING_CHAR = '0';
    private final Context mContext;
    protected KeyStore mKeyStore;

    public KeyStoreManager(Context context) {
        this.mContext = context;
    }

    protected static String generatePaddedCode(String str, String str2) throws NoSuchAlgorithmException {
        String hexString = Hex.toHexString(MessageDigest.getInstance(MESSAGE_DIGEST_ALGORITHM).digest((str + str2).getBytes()));
        return hexString.length() >= 5 ? StringUtils.leftPad(Integer.toString(Integer.valueOf(hexString.substring(0, 5), 16).intValue() % ((int) Math.pow(10.0d, 6.0d))), 6, VERIFICATION_KEY_PADDING_CHAR) : "";
    }

    /* JADX WARN: Removed duplicated region for block: B:27:0x003b A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void addCertificateEntry(@android.support.annotation.NonNull java.security.cert.X509Certificate r7) throws java.security.cert.CertificateException {
        /*
            r6 = this;
            java.lang.String r3 = "Add client certificate entry to keystore"
            nl.nspyre.commons.logging.Logger.d(r3)
            r2 = 0
            java.lang.String r1 = com.tomtom.mydrive.communication.helpers.CertificateHelper.getCommonName(r7)     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            java.security.KeyStore r3 = r6.mKeyStore     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            r3.setCertificateEntry(r1, r7)     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            android.content.Context r3 = r6.mContext     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            java.lang.String r4 = "keystore"
            r5 = 0
            java.io.FileOutputStream r2 = r3.openFileOutput(r4, r5)     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            java.security.KeyStore r3 = r6.mKeyStore     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            java.lang.String r4 = com.tomtom.mydrive.commons.Defrobnication.getDefrobnicated()     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            char[] r4 = r4.toCharArray()     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            r3.store(r2, r4)     // Catch: java.security.KeyStoreException -> L32 java.lang.Throwable -> L46 java.security.cert.CertificateException -> L54 java.security.NoSuchAlgorithmException -> L57 java.io.IOException -> L5a
            if (r2 == 0) goto L2a
            r2.close()     // Catch: java.io.IOException -> L2b
        L2a:
            return
        L2b:
            r0 = move-exception
            java.lang.String r3 = "Close() failure"
            nl.nspyre.commons.logging.Logger.w(r0, r3)
            goto L2a
        L32:
            r3 = move-exception
            r0 = r3
        L34:
            java.lang.String r3 = "Exception"
            nl.nspyre.commons.logging.Logger.w(r0, r3)     // Catch: java.lang.Throwable -> L46
            if (r2 == 0) goto L2a
            r2.close()     // Catch: java.io.IOException -> L3f
            goto L2a
        L3f:
            r0 = move-exception
            java.lang.String r3 = "Close() failure"
            nl.nspyre.commons.logging.Logger.w(r0, r3)
            goto L2a
        L46:
            r3 = move-exception
            if (r2 == 0) goto L4c
            r2.close()     // Catch: java.io.IOException -> L4d
        L4c:
            throw r3
        L4d:
            r0 = move-exception
            java.lang.String r4 = "Close() failure"
            nl.nspyre.commons.logging.Logger.w(r0, r4)
            goto L4c
        L54:
            r3 = move-exception
            r0 = r3
            goto L34
        L57:
            r3 = move-exception
            r0 = r3
            goto L34
        L5a:
            r3 = move-exception
            r0 = r3
            goto L34
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tomtom.mydrive.communication.common.KeyStoreManager.addCertificateEntry(java.security.cert.X509Certificate):void");
    }

    public String createVerificationCode(X509Certificate x509Certificate) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(MESSAGE_DIGEST_ALGORITHM);
            return generatePaddedCode(Hex.toHexString(messageDigest.digest(((X509Certificate) this.mKeyStore.getCertificate(KEYSTORE_KEY_ENTRY_ALIAS)).getEncoded())), Hex.toHexString(messageDigest.digest(x509Certificate.getEncoded())));
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateEncodingException e) {
            Logger.w(e, "Error while generating verification code");
            return "";
        }
    }

    public AdditionalKeyStoresTrustManager getAdditionalKeyStoresTrustManagers() {
        return new AdditionalKeyStoresTrustManager(true, this.mKeyStore);
    }

    public KeyManagerFactory getKeyManagerFactory() throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        Logger.d("Init key manager factory");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(this.mKeyStore, new StringBuilder(Defrobnication.getDefrobnicated()).reverse().toString().toCharArray());
        return keyManagerFactory;
    }

    /* JADX WARN: Can't wrap try/catch for region: R(10:1|(3:2|3|(2:55|56))|5|(4:7|8|9|(2:11|12))|36|37|(1:39)|(1:41)|(3:44|45|46)(1:51)|(1:(0))) */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x00ce, code lost:
    
        r1 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:53:0x00cf, code lost:
    
        nl.nspyre.commons.logging.Logger.w(r1, "Error verifying certificate");
        r4 = false;
     */
    /* JADX WARN: Removed duplicated region for block: B:39:0x006d  */
    /* JADX WARN: Removed duplicated region for block: B:41:0x0070 A[Catch: KeyStoreException | CertificateExpiredException | CertificateNotYetValidException -> 0x00ce, CertificateExpiredException -> 0x00fc, CertificateNotYetValidException -> 0x00fe, TRY_LEAVE, TryCatch #14 {KeyStoreException | CertificateExpiredException | CertificateNotYetValidException -> 0x00ce, blocks: (B:37:0x0063, B:41:0x0070), top: B:36:0x0063 }] */
    /* JADX WARN: Removed duplicated region for block: B:44:0x0077 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:51:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:73:0x008e A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:7:0x0033  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void initialize() throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 256
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tomtom.mydrive.communication.common.KeyStoreManager.initialize():void");
    }

    public boolean isClientCertificateTrusted(@NonNull X509Certificate x509Certificate) throws KeyStoreException, NoCommonNameCertificateException {
        String commonName = CertificateHelper.getCommonName(x509Certificate);
        Certificate certificate = this.mKeyStore.getCertificate(commonName);
        boolean z = certificate != null && certificate.equals(x509Certificate);
        if (!z) {
            Logger.d("verifying if certificate is trusted. x509certificate = " + x509Certificate);
            Logger.d("Common name = " + commonName);
            Logger.d("trusted certificate = " + certificate);
        }
        return z;
    }

    public void resetPrivateKey() throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        Logger.d("Reset private key");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_PAIR_GENERATOR_ALGORITHM);
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        PublicKey publicKey = generateKeyPair.getPublic();
        PrivateKey privateKey = generateKeyPair.getPrivate();
        X509Certificate build = CertificateBuilder.build(publicKey, privateKey, CertificateHelper.getDeviceId());
        this.mKeyStore.setKeyEntry(KEYSTORE_KEY_ENTRY_ALIAS, privateKey, new StringBuilder(Defrobnication.getDefrobnicated()).reverse().toString().toCharArray(), new Certificate[]{build});
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = this.mContext.openFileOutput(KEYSTORE_FILENAME, 0);
                this.mKeyStore.store(fileOutputStream, Defrobnication.getDefrobnicated().toCharArray());
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e) {
                        Logger.w(e, "Close() failure");
                    }
                }
            } catch (IOException e2) {
                Logger.w(e2, "Exception");
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e3) {
                        Logger.w(e3, "Close() failure");
                    }
                }
            }
        } catch (Throwable th) {
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException e4) {
                    Logger.w(e4, "Close() failure");
                }
            }
            throw th;
        }
    }

    public void updateTrustManager(AdditionalKeyStoresTrustManager additionalKeyStoresTrustManager) {
        additionalKeyStoresTrustManager.setKeyStores(this.mKeyStore);
    }
}
