package com.google.android.tv.remote.pairing;

import android.bluetooth.BluetoothAdapter;
import android.content.Context;
import android.os.Build;
import android.text.TextUtils;
import com.google.polo.ssl.SslUtil;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.UUID;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public final class KeyStoreManager {

    /* renamed from: d, reason: collision with root package name */
    public static String f17328d = "AndroidKeyStore";

    /* renamed from: e, reason: collision with root package name */
    public static final char[] f17329e = "KeyStore_Password".toCharArray();
    public final Context a;

    /* renamed from: b, reason: collision with root package name */
    public final KeyStore f17330b;

    /* renamed from: c, reason: collision with root package name */
    public final DynamicTrustManager f17331c;

    /* loaded from: classes3.dex */
    public static class DynamicTrustManager implements X509TrustManager {
        public X509TrustManager a;

        public DynamicTrustManager(KeyStore keyStore) {
            reloadTrustManager(keyStore);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.a.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.a.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        public void reloadTrustManager(KeyStore keyStore) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                for (int i2 = 0; i2 < trustManagers.length; i2++) {
                    if (trustManagers[i2] instanceof X509TrustManager) {
                        this.a = (X509TrustManager) trustManagers[i2];
                        return;
                    }
                }
                throw new IllegalStateException("No trust manager found");
            } catch (KeyStoreException | NoSuchAlgorithmException unused) {
            }
        }
    }

    public KeyStoreManager(Context context) {
        this.a = context;
        KeyStore c2 = c();
        this.f17330b = c2;
        this.f17331c = new DynamicTrustManager(c2);
    }

    public static String a(String str) {
        return String.format("atvremote-remote-%s", str);
    }

    public static String a(Certificate certificate) {
        X500Principal subjectX500Principal;
        if (!(certificate instanceof X509Certificate) || (subjectX500Principal = ((X509Certificate) certificate).getSubjectX500Principal()) == null) {
            return null;
        }
        return subjectX500Principal.getName();
    }

    public static final String b(String str) {
        return "CN=atvremote/" + Build.PRODUCT + "/" + Build.DEVICE + "/" + Build.MODEL + "/" + str;
    }

    public static final String e() {
        if (!TextUtils.isEmpty(Build.SERIAL)) {
            return Build.SERIAL;
        }
        String address = BluetoothAdapter.getDefaultAdapter().getAddress();
        return !TextUtils.isEmpty(address) ? address : UUID.randomUUID().toString();
    }

    public final void a() {
        try {
            Enumeration<String> aliases = this.f17330b.aliases();
            while (aliases.hasMoreElements()) {
                this.f17330b.deleteEntry(aliases.nextElement());
            }
        } catch (KeyStoreException unused) {
        }
        store();
    }

    public final void a(KeyStore keyStore) throws GeneralSecurityException {
        a(keyStore, "atvremote-local");
    }

    public final void a(KeyStore keyStore, String str) throws GeneralSecurityException {
        a(keyStore, str, e());
    }

    public final void a(KeyStore keyStore, String str, String str2) throws GeneralSecurityException {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
        keyStore.setKeyEntry(str, generateKeyPair.getPrivate(), null, new Certificate[]{SslUtil.generateX509V3Certificate(generateKeyPair, b(str2))});
    }

    public final KeyStore b() throws GeneralSecurityException {
        KeyStore keyStore;
        if (d()) {
            keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
            } catch (IOException e2) {
                throw new GeneralSecurityException("Unable to create empty keyStore", e2);
            }
        } else {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                keyStore.load(null, f17329e);
            } catch (IOException e3) {
                throw new GeneralSecurityException("Unable to create empty keyStore", e3);
            }
        }
        a(keyStore);
        return keyStore;
    }

    public final boolean b(KeyStore keyStore) {
        try {
            return keyStore.containsAlias("atvremote-local");
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    public final KeyStore c() {
        KeyStore keyStore;
        KeyStore keyStore2 = null;
        try {
            if (d()) {
                keyStore = KeyStore.getInstance(f17328d);
                keyStore.load(null);
            } else {
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(this.a.openFileInput("atvremote.keystore"), f17329e);
            }
            keyStore2 = keyStore;
        } catch (IOException | GeneralSecurityException unused) {
        } catch (KeyStoreException e2) {
            throw new IllegalStateException("Unable to get default instance of KeyStore", e2);
        }
        if (keyStore2 != null && b(keyStore2)) {
            return keyStore2;
        }
        try {
            KeyStore b2 = b();
            c(b2);
            return b2;
        } catch (GeneralSecurityException e3) {
            throw new IllegalStateException("Unable to create identity KeyStore", e3);
        }
    }

    public final void c(KeyStore keyStore) {
        if (d()) {
            return;
        }
        try {
            FileOutputStream openFileOutput = this.a.openFileOutput("atvremote.keystore", 0);
            keyStore.store(openFileOutput, f17329e);
            openFileOutput.close();
        } catch (IOException e2) {
            throw new IllegalStateException("Unable to store keyStore", e2);
        } catch (GeneralSecurityException e3) {
            throw new IllegalStateException("Unable to store keyStore", e3);
        }
    }

    public void clear() {
        a();
        try {
            a(this.f17330b);
        } catch (GeneralSecurityException unused) {
        }
        store();
    }

    public final boolean d() {
        return Build.VERSION.SDK_INT >= 18;
    }

    public KeyManager[] getKeyManagers() throws GeneralSecurityException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(this.f17330b, "".toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    public TrustManager[] getTrustManagers() throws GeneralSecurityException {
        try {
            return new DynamicTrustManager[]{this.f17331c};
        } catch (Exception e2) {
            throw new GeneralSecurityException(e2);
        }
    }

    public boolean hasServerIdentityAlias() {
        return b(this.f17330b);
    }

    public void initializeKeyStore() {
        initializeKeyStore(e());
    }

    public void initializeKeyStore(String str) {
        a();
        try {
            a(this.f17330b, "atvremote-remote", str);
            store();
        } catch (GeneralSecurityException e2) {
            throw new IllegalStateException("Unable to create identity KeyStore", e2);
        }
    }

    public Certificate removeCertificate(String str) {
        try {
            String a = a(str);
            if (!this.f17330b.containsAlias(a)) {
                return null;
            }
            Certificate certificate = this.f17330b.getCertificate(a);
            this.f17330b.deleteEntry(a);
            store();
            return certificate;
        } catch (KeyStoreException unused) {
            return null;
        }
    }

    public void store() {
        this.f17331c.reloadTrustManager(this.f17330b);
        c(this.f17330b);
    }

    public void storeCertificate(Certificate certificate) {
        storeCertificate(certificate, Integer.toString(certificate.hashCode()));
    }

    public void storeCertificate(Certificate certificate, String str) {
        try {
            String a = a(str);
            String a2 = a(certificate);
            if (this.f17330b.containsAlias(a)) {
                this.f17330b.deleteEntry(a);
            }
            if (a2 != null) {
                Enumeration<String> aliases = this.f17330b.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    String a3 = a(this.f17330b.getCertificate(nextElement));
                    if (a3 != null && a3.equals(a2)) {
                        String str2 = "Deleting entry for " + nextElement + " (" + a3 + ")";
                        this.f17330b.deleteEntry(nextElement);
                    }
                }
            }
            this.f17330b.setCertificateEntry(a, certificate);
            store();
        } catch (KeyStoreException unused) {
        }
    }
}
