package com.baramundi.android.sharedlib;

import android.content.Context;
import android.content.ContextWrapper;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.os.Bundle;
import android.os.Message;
import android.util.Log;
import ch.qos.logback.core.net.ssl.SSL;
import com.baramundi.android.sharedlib.exceptions.CertificateNotFoundException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
import java.io.ObjectOutputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class SharedCertificateHelper {
    private static final String TAG = "com.baramundi.android.sharedlib.SharedCertificateHelper";
    private static final String defaultPass = "CT3KWSVovlMi76jU4T8IcOo6";
    private static final String samsungPrivateKeyStore = "baramundiSamsungPrivateCert";
    private static final String samsungPublicKeyStore = "baramundiSamsungPublicCert";

    public static boolean ValidateApp(int i, PackageManager packageManager, String str, String str2) {
        for (String str3 : packageManager.getPackagesForUid(i)) {
            if (str3.equals(str)) {
                try {
                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                    for (Signature signature : packageManager.getPackageInfo(str3, 64).signatures) {
                        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(signature.toByteArray());
                        X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                        byteArrayInputStream.close();
                        if (getThumbPrint(x509Certificate).toUpperCase().equals(str2)) {
                            Log.d(TAG, "Certificate validated");
                            return true;
                        }
                    }
                } catch (Exception unused) {
                    return false;
                }
            }
        }
        Log.d(TAG, "Certificate could not be validated! Cancelling");
        return false;
    }

    public static void addEncryptedDataToMessage(Message message, Context context) throws CertificateNotFoundException {
        Bundle bundle = new Bundle();
        try {
            PublicKey publicKeyFromKeyStore = getPublicKeyFromKeyStore(loadSamsungPublicKeyStoreFromDevice(context));
            byte[] generateRandomAESKey = generateRandomAESKey();
            byte[] encryptRSA = encryptRSA(generateRandomAESKey, publicKeyFromKeyStore);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
            objectOutputStream.writeObject(message.obj);
            bundle.putByteArray(ExtensionDataFields.DATA, encryptAES(generateRandomAESKey, byteArrayOutputStream.toByteArray()));
            bundle.putByteArray(ExtensionDataFields.AES, encryptRSA);
            objectOutputStream.close();
            byteArrayOutputStream.close();
            message.obj = null;
            message.setData(bundle);
        } catch (Exception unused) {
            throw new CertificateNotFoundException();
        }
    }

    private static KeyStore createKeyStore(KeyPair keyPair, X509Certificate x509Certificate) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setKeyEntry(samsungPrivateKeyStore, keyPair.getPrivate(), defaultPass.toCharArray(), new Certificate[]{x509Certificate});
        keyStore.setCertificateEntry(samsungPublicKeyStore, x509Certificate);
        return keyStore;
    }

    private static KeyPair createRandomKeyPair() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        return keyPairGenerator.genKeyPair();
    }

    public static byte[] decryptAES(byte[] bArr, byte[] bArr2) throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, ExtensionDataFields.AES);
        Cipher cipher = Cipher.getInstance(ExtensionDataFields.AES);
        cipher.init(2, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    public static byte[] encryptAES(byte[] bArr, byte[] bArr2) throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, ExtensionDataFields.AES);
        Cipher cipher = Cipher.getInstance(ExtensionDataFields.AES);
        cipher.init(1, secretKeySpec);
        return cipher.doFinal(bArr2);
    }

    public static byte[] encryptRSA(byte[] bArr, Context context) throws Exception {
        return encryptRSA(bArr, getPublicKeyFromDevice(context));
    }

    public static byte[] encryptRSA(byte[] bArr, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(1, publicKey);
        return cipher.doFinal(bArr);
    }

    public static byte[] generateRandomAESKey() throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(ExtensionDataFields.AES);
        keyGenerator.init(256, SecureRandom.getInstance(SSL.DEFAULT_SECURE_RANDOM_ALGORITHM));
        return keyGenerator.generateKey().getEncoded();
    }

    public static PrivateKey getPrivateKeyFromKeyStore(KeyStore keyStore) throws Exception {
        return (PrivateKey) keyStore.getKey(samsungPrivateKeyStore, defaultPass.toCharArray());
    }

    public static PublicKey getPublicKeyFromDevice(Context context) throws Exception {
        return getPublicKeyFromKeyStore(loadSamsungPublicKeyStoreFromDevice(context));
    }

    public static PublicKey getPublicKeyFromKeyStore(KeyStore keyStore) throws Exception {
        return keyStore.getCertificate(samsungPublicKeyStore).getPublicKey();
    }

    public static String getSamsungPublicKeyStoreName() {
        return samsungPublicKeyStore;
    }

    public static String getThumbPrint(X509Certificate x509Certificate) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(x509Certificate.getEncoded());
            return hexify(messageDigest.digest());
        } catch (Exception unused) {
            return null;
        }
    }

    public static X509Certificate getX509CertificateFromByteArray(byte[] bArr) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            Log.e(TAG, "error while creating X509 certificate from byte[]", e);
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:26:0x0053 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.X509Certificate getX509IdentityFromByteArray(byte[] r4, java.lang.String r5) {
        /*
            r0 = 0
            java.io.ByteArrayInputStream r1 = new java.io.ByteArrayInputStream     // Catch: java.lang.Throwable -> L2b java.lang.Exception -> L2e
            r1.<init>(r4)     // Catch: java.lang.Throwable -> L2b java.lang.Exception -> L2e
            java.lang.String r4 = "pkcs12"
            java.security.KeyStore r4 = java.security.KeyStore.getInstance(r4)     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            char[] r5 = r5.toCharArray()     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            r4.load(r1, r5)     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            java.util.Enumeration r5 = r4.aliases()     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            java.lang.Object r5 = r5.nextElement()     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            java.lang.String r5 = (java.lang.String) r5     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            java.security.cert.Certificate r4 = r4.getCertificate(r5)     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            java.security.cert.X509Certificate r4 = (java.security.cert.X509Certificate) r4     // Catch: java.lang.Exception -> L29 java.lang.Throwable -> L50
            if (r1 == 0) goto L28
            r1.close()     // Catch: java.io.IOException -> L28
        L28:
            return r4
        L29:
            r4 = move-exception
            goto L30
        L2b:
            r4 = move-exception
            r1 = r0
            goto L51
        L2e:
            r4 = move-exception
            r1 = r0
        L30:
            java.lang.String r5 = com.baramundi.android.sharedlib.SharedCertificateHelper.TAG     // Catch: java.lang.Throwable -> L50
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L50
            r2.<init>()     // Catch: java.lang.Throwable -> L50
            java.lang.String r3 = "Get certificate from keystore exception: "
            r2.append(r3)     // Catch: java.lang.Throwable -> L50
            java.lang.String r4 = r4.getMessage()     // Catch: java.lang.Throwable -> L50
            r2.append(r4)     // Catch: java.lang.Throwable -> L50
            java.lang.String r4 = r2.toString()     // Catch: java.lang.Throwable -> L50
            android.util.Log.i(r5, r4)     // Catch: java.lang.Throwable -> L50
            if (r1 == 0) goto L4f
            r1.close()     // Catch: java.io.IOException -> L4f
        L4f:
            return r0
        L50:
            r4 = move-exception
        L51:
            if (r1 == 0) goto L56
            r1.close()     // Catch: java.io.IOException -> L56
        L56:
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: com.baramundi.android.sharedlib.SharedCertificateHelper.getX509IdentityFromByteArray(byte[], java.lang.String):java.security.cert.X509Certificate");
    }

    public static String hexify(byte[] bArr) {
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        StringBuffer stringBuffer = new StringBuffer(bArr.length * 2);
        for (int i = 0; i < bArr.length; i++) {
            stringBuffer.append(cArr[(bArr[i] & 240) >> 4]);
            stringBuffer.append(cArr[bArr[i] & 15]);
        }
        return stringBuffer.toString();
    }

    public static KeyStore loadKeyStoreFromDevice(String str, String str2, Context context) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(new ContextWrapper(context).openFileInput(str), str2.toCharArray());
        return keyStore;
    }

    public static KeyStore loadPublicKeyStoreFromPrivate(KeyStore keyStore) throws Exception {
        KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore2.load(null, null);
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(samsungPublicKeyStore);
        new Certificate[1][0] = x509Certificate;
        keyStore2.setCertificateEntry(samsungPublicKeyStore, x509Certificate);
        return keyStore2;
    }

    public static KeyStore loadSamsungPublicKeyStoreFromDevice(Context context) throws Exception {
        return loadKeyStoreFromDevice(samsungPublicKeyStore, defaultPass, context);
    }

    public static void saveKeyStoreToDevice(String str, KeyStore keyStore, Context context) throws Exception {
        FileOutputStream openFileOutput = new ContextWrapper(context).openFileOutput(str, 0);
        keyStore.store(openFileOutput, defaultPass.toCharArray());
        openFileOutput.close();
    }
}
