package de.persosim.android.remoteifd;

import android.content.Context;
import android.content.SharedPreferences;
import de.persosim.simulator.utils.HexString;
import de.persosim.websocket.RemoteIfdConfigManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateKey;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.globaltester.lib.bctls.TlsCertificateGenerator;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes12.dex */
public class AndroidRemoteIfdConfigManager implements RemoteIfdConfigManager {
    private static final String HOST_CERT_ALIAS = "default";
    private static final String PREFS_NAME = "persoSimRemoteIfdConfig";
    private static final String PREF_DEVICE_NAME = "remoteIfdDeviceName";
    private static final String PREF_KEY_KEYSTORE_HEX = "remote.ifd.config.keystore.hex";
    private static final String PREF_KEY_KEYSTORE_KEY_PASSWORD = "remote.ifd.config.keystore.key.password";
    private static final String PREF_KEY_KEYSTORE_STORE_PASSWORD = "remote.ifd.config.keystore.password";
    private static final String PREF_KEY_PAIRED_CERTS = "remote.ifd.config.pairedcerts";
    private static AndroidRemoteIfdConfigManager instance = null;
    private Context context;
    private KeyStore keyStore;
    private char[] privateKeyPassword;

    private AndroidRemoteIfdConfigManager(Context context) {
        this.privateKeyPassword = new char[0];
        this.context = context;
        SharedPreferences sharedPreferences = this.context.getSharedPreferences(PREFS_NAME, 0);
        String string = sharedPreferences.getString(PREF_KEY_KEYSTORE_HEX, null);
        String string2 = sharedPreferences.getString(PREF_KEY_KEYSTORE_STORE_PASSWORD, null);
        char[] charArray = string2 != null ? string2.toCharArray() : new char[0];
        String string3 = sharedPreferences.getString(PREF_KEY_KEYSTORE_KEY_PASSWORD, "");
        if (string3 != null) {
            this.privateKeyPassword = string3.toCharArray();
        }
        try {
            this.keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            if (string != null) {
                this.keyStore.load(new ByteArrayInputStream(HexString.toByteArray(string)), charArray);
                return;
            }
            this.keyStore.load(null, null);
            createSelfSignedCertificate();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            this.keyStore.store(byteArrayOutputStream, charArray);
            SharedPreferences.Editor edit = this.context.getSharedPreferences(PREFS_NAME, 0).edit();
            edit.putString(PREF_KEY_KEYSTORE_HEX, HexString.encode(byteArrayOutputStream.toByteArray()));
            edit.apply();
        } catch (IOException | IllegalStateException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException | CertificateException e) {
            throw new IllegalStateException("Could not instantiate config manager", e);
        }
    }

    private void createSelfSignedCertificate() throws KeyStoreException, NoSuchAlgorithmException, CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, SignatureException {
        KeyPair generateKeyPair = TlsCertificateGenerator.generateKeyPair();
        this.keyStore.setKeyEntry(HOST_CERT_ALIAS, generateKeyPair.getPrivate(), this.privateKeyPassword, new Certificate[]{TlsCertificateGenerator.generateTlsCertificate(generateKeyPair)});
    }

    public static synchronized AndroidRemoteIfdConfigManager getInstance(Context context) {
        AndroidRemoteIfdConfigManager androidRemoteIfdConfigManager;
        synchronized (AndroidRemoteIfdConfigManager.class) {
            if (instance == null) {
                instance = new AndroidRemoteIfdConfigManager(context);
            } else if (instance.context != context) {
                throw new IllegalArgumentException("KeyStoreRemoteIfdConfigmanager already exists (but with different Applicationcontext)!");
            }
            androidRemoteIfdConfigManager = instance;
        }
        return androidRemoteIfdConfigManager;
    }

    public static void setDeviceName(Context context, String str) {
        SharedPreferences.Editor edit = context.getSharedPreferences(PREFS_NAME, 0).edit();
        edit.putString(PREF_DEVICE_NAME, str);
        edit.apply();
    }

    private void storeToPrefs(Map<Certificate, String> map) {
        JSONObject jSONObject = new JSONObject();
        for (Certificate certificate : map.keySet()) {
            try {
                jSONObject.put(HexString.encode(certificate.getEncoded()), map.get(certificate));
            } catch (CertificateEncodingException e) {
            } catch (JSONException e2) {
            }
        }
        SharedPreferences.Editor edit = this.context.getSharedPreferences(PREFS_NAME, 0).edit();
        edit.putString(PREF_KEY_PAIRED_CERTS, jSONObject.toString());
        edit.apply();
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public void addPairedCertificate(Certificate certificate) {
        Map<Certificate, String> pairedCertificates = getPairedCertificates();
        pairedCertificates.put(certificate, "unknown (until first use)");
        storeToPrefs(pairedCertificates);
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public void deletePairedCertificate(Certificate certificate) {
        Map<Certificate, String> pairedCertificates = getPairedCertificates();
        pairedCertificates.remove(certificate);
        storeToPrefs(pairedCertificates);
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public Certificate getHostCertificate() {
        try {
            return this.keyStore.getCertificate(HOST_CERT_ALIAS);
        } catch (KeyStoreException e) {
            throw new IllegalStateException("Could not get own certificate", e);
        }
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public RSAPrivateKey getHostPrivateKey() {
        try {
            return (RSAPrivateKey) this.keyStore.getKey(HOST_CERT_ALIAS, this.privateKeyPassword);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new IllegalStateException("Could not get private key", e);
        }
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public String getName() {
        return this.context.getSharedPreferences(PREFS_NAME, 0).getString(PREF_DEVICE_NAME, "PersoSimAndroid");
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public Map<Certificate, String> getPairedCertificates() {
        HashMap hashMap = new HashMap();
        JSONObject jSONObject = new JSONObject();
        String string = this.context.getSharedPreferences(PREFS_NAME, 0).getString(PREF_KEY_PAIRED_CERTS, null);
        if (string != null) {
            try {
                jSONObject = new JSONObject(string);
            } catch (JSONException e) {
            }
        }
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            try {
                hashMap.put(CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(HexString.toByteArray(next))), jSONObject.getString(next));
            } catch (CertificateException e2) {
            } catch (JSONException e3) {
            }
        }
        return hashMap;
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public void updateUdNameForCertificate(Certificate certificate, String str) {
        Map<Certificate, String> pairedCertificates = getPairedCertificates();
        pairedCertificates.put(certificate, str);
        storeToPrefs(pairedCertificates);
    }
}
