package com.avaya.clientservices.provider.certificate.internal;

import android.content.Context;
import com.avaya.clientservices.client.Log;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import javax.security.auth.DestroyFailedException;

/* loaded from: classes2.dex */
public class PKCS12BackedClientIdentityCertificateStore {
    private static final String AVAYA_ENDPOINT_CERTIFICATE_KEY_STORE = "AvayaIdentity";
    private static final String AVAYA_PRIVATE_KEY_ALIAS_MANUAL_CONFIG = "com.avaya.clientservices.manual.universal";
    private static final String AVAYA_PRIVATE_KEY_ALIAS_SCEP_CONFIG = "com.avaya.clientservices.scep.universal";
    private Context mContext;
    private final AESEncrypter mEncrypter;
    private final Lock _mKeyStoreLock = new ReentrantLock();
    private KeyStore mPKCS12KeyStore = null;
    private final char[] mKeyStoreSecret = "AvayaClientServices@1234".toCharArray();

    public PKCS12BackedClientIdentityCertificateStore(Context context, AESEncrypter aESEncrypter) {
        this.mContext = context;
        this.mEncrypter = aESEncrypter;
    }

    private KeyStore createEmptyPKCS12KeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            return keyStore;
        } catch (IOException e) {
            Log.w("Create keystore failed.", e);
            return null;
        } catch (KeyStoreException e2) {
            Log.w("Create keystore failed.", e2);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            Log.w("Create keystore failed.", e3);
            return null;
        } catch (CertificateException e4) {
            Log.w("Create keystore failed.", e4);
            return null;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v0 */
    /* JADX WARN: Type inference failed for: r2v1 */
    /* JADX WARN: Type inference failed for: r2v10 */
    /* JADX WARN: Type inference failed for: r2v12 */
    /* JADX WARN: Type inference failed for: r2v14 */
    /* JADX WARN: Type inference failed for: r2v16, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r2v17 */
    /* JADX WARN: Type inference failed for: r2v18 */
    /* JADX WARN: Type inference failed for: r2v19 */
    /* JADX WARN: Type inference failed for: r2v2, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r2v20 */
    /* JADX WARN: Type inference failed for: r2v21 */
    /* JADX WARN: Type inference failed for: r2v22 */
    /* JADX WARN: Type inference failed for: r2v23 */
    /* JADX WARN: Type inference failed for: r2v3 */
    /* JADX WARN: Type inference failed for: r2v4 */
    /* JADX WARN: Type inference failed for: r2v6 */
    /* JADX WARN: Type inference failed for: r2v8 */
    /* JADX WARN: Type inference failed for: r5v1 */
    /* JADX WARN: Type inference failed for: r5v2 */
    /* JADX WARN: Type inference failed for: r5v3 */
    /* JADX WARN: Type inference failed for: r5v4 */
    /* JADX WARN: Type inference failed for: r5v5 */
    /* JADX WARN: Type inference failed for: r5v6 */
    /* JADX WARN: Type inference failed for: r7v0, types: [java.security.KeyStore] */
    private void persistKeyStore(KeyStore keyStore) throws CertificateStoreException, CertificateException {
        FileOutputStream fileOutputStream;
        ?? r2 = 0;
        r2 = 0;
        r2 = 0;
        r2 = 0;
        r2 = 0;
        r2 = 0;
        r2 = 0;
        r2 = 0;
        try {
            if (keyStore == 0) {
                this.mContext.deleteFile(AVAYA_ENDPOINT_CERTIFICATE_KEY_STORE);
                setKeyStore(null);
                Log.i("Deleted identity certificate store.");
                return;
            }
            try {
                fileOutputStream = this.mContext.openFileOutput(AVAYA_ENDPOINT_CERTIFICATE_KEY_STORE, 0);
                try {
                    r2 = this.mEncrypter.getCipherOutputStream(fileOutputStream);
                    keyStore.store(r2, this.mKeyStoreSecret);
                    Log.d("Successfully saved identity store.");
                    if (r2 != 0) {
                        try {
                            r2.close();
                        } catch (IOException unused) {
                            return;
                        }
                    }
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                } catch (AvayaClientServicesEncrypterException e) {
                    e = e;
                    Log.d("Persist error. ", e);
                    throw new CertificateStoreException(e);
                } catch (FileNotFoundException e2) {
                    e = e2;
                    Log.d("Persist error. ", e);
                    throw new CertificateStoreException(e);
                } catch (IOException e3) {
                    e = e3;
                    Log.d("Persist error. ", e);
                    throw new CertificateStoreException(e);
                } catch (InvalidKeyException e4) {
                    e = e4;
                    Log.d("Persist error. ", e);
                    throw new AssertionError(e);
                } catch (KeyStoreException e5) {
                    e = e5;
                    Log.d("Persist error. ", e);
                    throw new CertificateStoreException(e);
                } catch (NoSuchAlgorithmException e6) {
                    e = e6;
                    Log.d("Persist error. ", e);
                    throw new CertificateStoreException(e);
                } catch (Throwable th) {
                    th = th;
                    if (r2 != 0) {
                        try {
                            r2.close();
                        } catch (IOException unused2) {
                            throw th;
                        }
                    }
                    if (fileOutputStream != null) {
                        fileOutputStream.close();
                    }
                    throw th;
                }
            } catch (AvayaClientServicesEncrypterException e7) {
                e = e7;
            } catch (FileNotFoundException e8) {
                e = e8;
            } catch (IOException e9) {
                e = e9;
            } catch (InvalidKeyException e10) {
                e = e10;
            } catch (KeyStoreException e11) {
                e = e11;
            } catch (NoSuchAlgorithmException e12) {
                e = e12;
            } catch (Throwable th2) {
                th = th2;
                fileOutputStream = null;
            }
        } catch (Throwable th3) {
            th = th3;
            r2 = AVAYA_ENDPOINT_CERTIFICATE_KEY_STORE;
            fileOutputStream = null;
        }
    }

    private void setKeyStore(KeyStore keyStore) {
        this._mKeyStoreLock.lock();
        this.mPKCS12KeyStore = keyStore;
        this._mKeyStoreLock.unlock();
    }

    public void deleteCertificateStore() throws CertificateStoreException {
        try {
            try {
                persistKeyStore(null);
                try {
                    this.mEncrypter.destroyKeys();
                    Log.d("Client certificate store deleted successfully.");
                } catch (DestroyFailedException e) {
                    Log.d("Failed to delete identity certificate store.", e);
                    throw new CertificateStoreException(e);
                }
            } catch (CertificateStoreException e2) {
                Log.d("Failed to delete client certificate store.", e2);
                throw new CertificateStoreException(e2);
            } catch (CertificateException e3) {
                Log.d("Failed to delete client certificate store.", e3);
                throw new CertificateStoreException(e3);
            }
        } catch (Throwable th) {
            try {
                this.mEncrypter.destroyKeys();
                throw th;
            } catch (DestroyFailedException e4) {
                Log.d("Failed to delete identity certificate store.", e4);
                throw new CertificateStoreException(e4);
            }
        }
    }

    public X509Certificate[] getIdentityCertificateChain() throws CertificateStoreException {
        KeyStore keyStore;
        X509Certificate generateX509Certificate;
        ArrayList arrayList = new ArrayList();
        try {
            try {
                this._mKeyStoreLock.lock();
                keyStore = this.mPKCS12KeyStore;
            } catch (KeyStoreException e) {
                Log.d("Certificates retrieval error. ", e);
            }
            if (keyStore == null) {
                throw new KeyStoreException("Endpoint certificate store is not available.");
            }
            Certificate[] certificateChain = keyStore.getCertificateChain(AVAYA_PRIVATE_KEY_ALIAS_MANUAL_CONFIG);
            Log.d("Number of identity certificates retrieved = " + certificateChain.length);
            for (int i = 0; i < certificateChain.length; i++) {
                try {
                    generateX509Certificate = CertificateUtils.generateX509Certificate(certificateChain[i].getEncoded());
                } catch (CertificateEncodingException e2) {
                    Log.e("Unable to retrieve client identity certificate", e2);
                } catch (CertificateException e3) {
                    Log.e("Unable to retrieve client identity certificate", e3);
                }
                if (generateX509Certificate == null) {
                    throw new CertificateException();
                    break;
                }
                Log.d("Client identity certificate = " + generateX509Certificate.getSubjectX500Principal().getName());
                arrayList.add(i, generateX509Certificate);
            }
            this._mKeyStoreLock.unlock();
            return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
        } catch (Throwable th) {
            this._mKeyStoreLock.unlock();
            throw th;
        }
    }

    public String[] getIdentityCertificateChainAsPEMStringArray() throws CertificateStoreException, CertificateEncodingException {
        X509Certificate[] identityCertificateChain = getIdentityCertificateChain();
        int length = identityCertificateChain.length;
        String[] strArr = new String[length];
        for (int i = 0; i < length; i++) {
            String convertRawCertificateToPEM = CertificateUtils.convertRawCertificateToPEM(identityCertificateChain[i].getEncoded());
            if (convertRawCertificateToPEM == null) {
                Log.d("Certificate encoding error.");
                throw new CertificateEncodingException();
            }
            strArr[i] = convertRawCertificateToPEM;
        }
        return strArr;
    }

    public String getPEMEncodedPrivateKeyString() {
        try {
            return CertificateUtils.convertPrivateKeyToPEMString(getPrivateKey());
        } catch (CertificateStoreException e) {
            Log.d("Bad Private key.", e);
            return null;
        }
    }

    public PrivateKey getPrivateKey() throws CertificateStoreException {
        try {
            try {
                try {
                    this._mKeyStoreLock.lock();
                    KeyStore keyStore = this.mPKCS12KeyStore;
                    return keyStore != null ? (PrivateKey) keyStore.getKey(AVAYA_PRIVATE_KEY_ALIAS_MANUAL_CONFIG, this.mKeyStoreSecret) : null;
                } catch (NoSuchAlgorithmException e) {
                    Log.e("Private key retrieval error. ", e);
                    throw new CertificateStoreException(e);
                }
            } catch (KeyStoreException e2) {
                Log.e("Private key retrieval error. ", e2);
                throw new CertificateStoreException(e2);
            } catch (UnrecoverableKeyException e3) {
                Log.e("Private key retrieval error. ", e3);
                throw new CertificateStoreException(e3);
            }
        } finally {
            this._mKeyStoreLock.unlock();
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:25:0x00b2 A[Catch: all -> 0x00c9, TRY_ENTER, TryCatch #15 {, blocks: (B:3:0x0001, B:5:0x0005, B:9:0x000c, B:31:0x0026, B:21:0x002f, B:25:0x00b2, B:26:0x00b7, B:85:0x00c0, B:80:0x00c5, B:83:0x00c8, B:46:0x00a7, B:41:0x00ac), top: B:2:0x0001 }] */
    /* JADX WARN: Removed duplicated region for block: B:80:0x00c5 A[Catch: IOException -> 0x00c8, all -> 0x00c9, TRY_LEAVE, TryCatch #8 {IOException -> 0x00c8, blocks: (B:85:0x00c0, B:80:0x00c5), top: B:84:0x00c0 }] */
    /* JADX WARN: Removed duplicated region for block: B:84:0x00c0 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public synchronized void mayLoad() throws com.avaya.clientservices.provider.certificate.internal.CertificateStoreException {
        /*
            Method dump skipped, instructions count: 204
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.avaya.clientservices.provider.certificate.internal.PKCS12BackedClientIdentityCertificateStore.mayLoad():void");
    }

    public void saveCertificateChainAndKey(String[] strArr, char[] cArr) throws CertificateException, CertificateStoreException {
        PrivateKey convertPKCS8StringToRSAPrivateKey = CertificateUtils.convertPKCS8StringToRSAPrivateKey(cArr);
        if (convertPKCS8StringToRSAPrivateKey == null) {
            Log.d("Failed to decode private key.");
            throw new CertificateException("Failed to decode private key.");
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            X509Certificate convertToX509Certificate = CertificateUtils.convertToX509Certificate(strArr[i]);
            if (convertToX509Certificate == null) {
                Log.d("Failed to decode the certificate chain.");
                throw new CertificateException("Failed to decode the certificate chain.");
            }
            x509CertificateArr[i] = convertToX509Certificate;
        }
        saveCertificateChainAndKey(x509CertificateArr, convertPKCS8StringToRSAPrivateKey);
    }

    public void saveCertificateChainAndKey(X509Certificate[] x509CertificateArr, PrivateKey privateKey) throws CertificateStoreException {
        try {
            try {
                try {
                    try {
                        this._mKeyStoreLock.lock();
                        KeyStore keyStore = this.mPKCS12KeyStore;
                        if (keyStore == null) {
                            Log.d("KeyStore is null, create new one...");
                            keyStore = createEmptyPKCS12KeyStore();
                        } else {
                            Log.d("KeyStore is already exists with certificates, overwritting...");
                        }
                        keyStore.setKeyEntry(AVAYA_PRIVATE_KEY_ALIAS_MANUAL_CONFIG, privateKey, this.mKeyStoreSecret, x509CertificateArr);
                        persistKeyStore(keyStore);
                        this._mKeyStoreLock.unlock();
                        setKeyStore(keyStore);
                        Log.d("Successfully saved the identity certificates and associated key.");
                    } catch (KeyStoreException e) {
                        Log.d("Failed to save the certificate to the keystore. ", e);
                        throw new CertificateStoreException(e);
                    }
                } catch (CertificateStoreException e2) {
                    Log.d("Failed to save the certificate to the keystore.", e2);
                    throw new CertificateStoreException(e2);
                }
            } catch (CertificateException e3) {
                Log.d("Failed to save the certificate to the keystore.", e3);
                throw new CertificateStoreException(e3);
            }
        } catch (Throwable th) {
            this._mKeyStoreLock.unlock();
            throw th;
        }
    }
}
