package org.sandrop.webscarab.plugin.proxy;

import io.fabric.sdk.android.services.events.EventsFilesManager;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.bouncycastle.x509.extension.AuthorityKeyIdentifierStructure;
import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure;

/* loaded from: classes.dex */
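/**
 * Issues per-host TLS server credentials for an intercepting proxy and hands them out as
 * {@link SSLSocketFactory} instances.
 *
 * <p>Two BouncyCastle-provider keystores are used: {@code h} holds the proxy's self-signed CA
 * key and certificate, {@code g} holds the leaf certificates generated for individual hosts.
 * Both are protected with the same password array passed to the constructor, and both are
 * written back to disk whenever they change (unless the corresponding path is {@code null}).
 *
 * <p>Review notes for anyone auditing a deployment of this class:
 * <ul>
 *   <li>Whoever can read the CA keystore file and knows its password can mint certificates that
 *       chain to this CA. The CA certificate is also exported next to the keystore as
 *       {@code <path>_export.crt}.</li>
 *   <li>CA and leaf certificates are valid for 3650 days from creation.</li>
 *   <li>The trust manager {@code l} and key manager {@code m} are defined outside this listing;
 *       what {@code l} accepts cannot be determined here.</li>
 *   <li>This is decompiler output: identifiers are obfuscated and the checked-exception
 *       declarations were missing. The {@code throws} clauses below restore what the bodies
 *       already propagate.</li>
 * </ul>
 */
public class k {
    /**
     * RSA modulus size for the CA key and for per-host keys. The decompiled listing used 1024,
     * which is below the 2048-bit minimum expected for RSA today; keys already stored in an
     * existing keystore are loaded unchanged.
     */
    private static final int RSA_KEY_BITS = 2048;

    /** Certificate lifetime: 315360000000 ms = 3650 days. */
    private static final long VALIDITY_MILLIS = 315360000000L;

    private static final Logger a = Logger.getLogger(k.class.getName());
    // Subject/issuer name of the self-signed CA; null if it could not be parsed.
    private static X500Principal b;
    // CA private key.
    private PrivateKey c;
    // CA certificate chain; index 0 is the CA certificate used as issuer.
    private X509Certificate[] d;
    // Path of the CA keystore file (may be null: nothing is persisted).
    private String e;
    // Path of the leaf-certificate keystore file (may be null: nothing is persisted).
    private String f;
    // Leaf-certificate keystore.
    private KeyStore g;
    // CA keystore.
    private KeyStore h;
    // Password for the CA keystore and its key entry (same array reference as j).
    private char[] i;
    // Password for the leaf keystore and its key entries (same array reference as i).
    private char[] j;
    // When true, leaf certificates reuse the CA key pair instead of a fresh key pair.
    private boolean k = false;
    // Cache of initialised SSLContext objects, keyed by leaf alias.
    private final Map<String, SSLContext> l = new HashMap<>();
    // Serial numbers already present in the leaf keystore or issued by this instance.
    private final Set<BigInteger> m = new HashSet<>();

    static {
        try {
            b = new X500Principal("cn=SandroProxy Custom CA,ou=SandroProxy Custom CA,o=SandroProxy,l=SandroProxy,st=SandroProxy,c=SandroProxy");
            a.setLevel(Level.FINEST);
        } catch (Exception e) {
            e.printStackTrace();
            b = null;
        }
    }

    /**
     * Loads the CA from {@code str} or generates a new one, exports the CA certificate, and
     * prepares the leaf-certificate keystore.
     *
     * @param str path of the CA keystore; {@code null} keeps the CA in memory only
     * @param str2 path of the leaf-certificate keystore; {@code null} keeps it in memory only
     * @param str3 keystore type, resolved against the "BC" provider
     * @param cArr password used for both keystores and all key entries (stored by reference)
     * @throws GeneralSecurityException if a keystore, key or certificate operation fails
     * @throws IOException if a keystore file cannot be read
     */
    public k(String str, String str2, String str3, char[] cArr) throws GeneralSecurityException, IOException {
        a.setLevel(Level.FINEST);
        this.e = str;
        this.i = cArr;
        this.j = cArr;
        this.f = str2;
        this.h = KeyStore.getInstance(str3, "BC");
        if (this.e == null) {
            a.info("No keystore provided, keys and certificates will be transient!");
        }
        // new File(null) throws NullPointerException, so the null path announced by the log
        // message above has to be checked before a File is built.
        File caFile = this.e != null ? new File(this.e) : null;

        final boolean caGenerated;
        final String caAlias;
        if (caFile != null && caFile.exists() && caFile.canRead()) {
            caAlias = loadCaEntry(caFile);
            caGenerated = false;
        } else {
            a.info("Generating CA key");
            this.h.load(null, this.i);
            a(b);
            caGenerated = true;
            a(this.h, this.e, this.i);
            caAlias = this.h.aliases().nextElement();
        }

        boolean exportFailed = !exportCaCertificate(caAlias);

        File certFile = this.f != null ? new File(this.f) : null;
        // NOTE(review): as decompiled, an existing leaf keystore is reloaded only when the CA was
        // generated during this call and the export succeeded; in every other case the file at
        // this.f is replaced by an empty keystore. That looks inverted (leaf certificates issued
        // under an earlier CA are kept, those issued under the current CA are discarded) and may
        // be a decompiler artifact. The visible behaviour is preserved here; confirm against the
        // original source.
        if (exportFailed || !caGenerated || certFile == null || !certFile.exists()) {
            createEmptyCertStore(str3);
            return;
        }
        try (FileInputStream in = new FileInputStream(certFile)) {
            try {
                this.g = KeyStore.getInstance(str3, "BC");
                this.g.load(in, this.j);
            } catch (Exception ex) {
                a.fine("problems opening exisiting cert keystore so we create new one");
                createEmptyCertStore(str3);
            }
        }
        c();
    }

    /**
     * Reads the CA keystore from disk and selects the entry with the most recent creation date
     * as the CA key and certificate chain.
     *
     * @return the alias that was selected ("" if the keystore has no entries)
     */
    private String loadCaEntry(File caFile) throws GeneralSecurityException, IOException {
        a.fine("Loading keys from " + this.e);
        try (FileInputStream in = new FileInputStream(caFile)) {
            this.h.load(in, this.i);
        }
        String newestAlias = "";
        Date newest = null;
        Enumeration<String> aliases = this.h.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            Date created = this.h.getCreationDate(alias);
            if (newest == null || created.after(newest)) {
                newestAlias = alias;
                newest = created;
            }
        }
        this.c = (PrivateKey) this.h.getKey(newestAlias, this.i);
        if (this.c == null) {
            a.warning("Keystore does not contain an entry for '" + newestAlias + "'");
        }
        this.d = a(this.h.getCertificateChain(newestAlias));
        return newestAlias;
    }

    /**
     * Writes the encoded CA certificate (public part only) to {@code <CA keystore path>_export.crt}.
     * Failures are logged and reported through the return value rather than thrown.
     *
     * @return false if the export was attempted and failed; true otherwise
     */
    private boolean exportCaCertificate(String alias) {
        if (this.e == null) {
            // Transient mode: there is no keystore path to derive an export file name from.
            return true;
        }
        String exportPath = this.e + "_export.crt";
        try {
            byte[] encoded = ((X509Certificate) this.h.getCertificate(alias)).getEncoded();
            try (FileOutputStream out = new FileOutputStream(exportPath)) {
                out.write(encoded);
            }
            a.fine("CA cert exported to " + exportPath);
            return true;
        } catch (Exception ex) {
            a.log(Level.WARNING, "Could not export CA certificate to " + exportPath, ex);
            return false;
        }
    }

    /** Replaces the leaf keystore with an empty one and persists it. */
    private void createEmptyCertStore(String type) throws GeneralSecurityException, IOException {
        this.g = KeyStore.getInstance(type, "BC");
        this.g.load(null, this.j);
        a(this.g, this.f, this.j);
    }

    /**
     * Persists a keystore to {@code str}; does nothing when {@code str} is null. Best effort:
     * a failure is logged and the in-memory keystore stays usable.
     */
    private void a(KeyStore keyStore, String str, char[] cArr) {
        if (str == null) {
            return;
        }
        try (FileOutputStream out = new FileOutputStream(str)) {
            keyStore.store(out, cArr);
        } catch (IOException | GeneralSecurityException ex) {
            a.log(Level.WARNING, "Could not store keystore to " + str, ex);
        }
    }

    /**
     * Generates a self-signed CA key pair and certificate for {@code x500Principal} and stores
     * them in the CA keystore under the alias "CA".
     */
    private void a(X500Principal x500Principal) throws GeneralSecurityException, IOException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(RSA_KEY_BITS);
        KeyPair caKeyPair = keyPairGenerator.generateKeyPair();
        this.c = caKeyPair.getPrivate();
        Date notBefore = new Date();
        Date notAfter = new Date(notBefore.getTime() + VALIDITY_MILLIS);
        X509V3CertificateGenerator generator = new X509V3CertificateGenerator();
        generator.setSerialNumber(BigInteger.ONE);
        generator.setIssuerDN(x500Principal);
        generator.setNotBefore(notBefore);
        generator.setNotAfter(notAfter);
        generator.setSubjectDN(x500Principal);
        generator.setPublicKey(caKeyPair.getPublic());
        generator.setSignatureAlgorithm("SHA256withRSA");
        // 2.5.29.19 = basicConstraints, marked critical with cA=true.
        generator.addExtension(new DERObjectIdentifier("2.5.29.19"), true, new BasicConstraints(true).toASN1Object().getEncoded());
        this.d = new X509Certificate[]{generator.generate(this.c, "BC")};
        this.h.setKeyEntry("CA", this.c, this.i, this.d);
    }

    /** Casts every element of a certificate chain to {@link X509Certificate}. */
    private X509Certificate[] a(Certificate[] certificateArr) {
        X509Certificate[] chain = new X509Certificate[certificateArr.length];
        for (int idx = 0; idx < certificateArr.length; idx++) {
            chain[idx] = (X509Certificate) certificateArr[idx];
        }
        return chain;
    }

    /**
     * Computes the leaf-keystore alias for a target descriptor.
     * The separator constant comes from an unrelated library as emitted by the decompiler;
     * presumably it stands in for an inlined string literal (TODO confirm).
     */
    private static String aliasFor(o oVar) {
        return oVar.c != null ? oVar.c + EventsFilesManager.ROLL_OVER_FILE_NAME_SEPARATOR + oVar.d : oVar.a;
    }

    /**
     * Builds a key manager from a leaf entry that already exists in the leaf keystore.
     *
     * @throws GeneralSecurityException if the chain or the private key is missing
     */
    private X509KeyManager b(o oVar) throws GeneralSecurityException {
        String alias = aliasFor(oVar);
        Certificate[] storedChain = this.g.getCertificateChain(alias);
        if (storedChain == null) {
            throw new GeneralSecurityException("Internal error: certificate chain for " + oVar.a + " not found!");
        }
        X509Certificate[] chain = a(storedChain);
        PrivateKey privateKey = (PrivateKey) this.g.getKey(alias, this.j);
        if (privateKey == null) {
            throw new GeneralSecurityException("Internal error: private key for " + oVar.a + " not found!");
        }
        return new m(this, oVar, privateKey, chain);
    }

    /**
     * Issues a new leaf certificate for {@code oVar}, signed with the CA key, stores it in the
     * leaf keystore and returns a key manager for it.
     *
     * <p>Only dNSName entries (GeneralName type 2) of the first certificate in {@code oVar.b}
     * are copied into the subjectAltName extension; other entry types are dropped.
     */
    private X509KeyManager c(o oVar) throws GeneralSecurityException, IOException {
        KeyPair leafKeyPair;
        if (this.k) {
            // Key-reuse mode: the leaf certificate carries the CA's own key pair.
            leafKeyPair = new KeyPair(this.d[0].getPublicKey(), this.c);
        } else {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(RSA_KEY_BITS);
            leafKeyPair = keyPairGenerator.generateKeyPair();
        }
        X500Principal subject = a(oVar.a);
        Date notBefore = new Date();
        Date notAfter = new Date(notBefore.getTime() + VALIDITY_MILLIS);
        X509V3CertificateGenerator generator = new X509V3CertificateGenerator();
        generator.setSerialNumber(a());
        generator.setIssuerDN(this.d[0].getSubjectX500Principal());
        generator.setNotBefore(notBefore);
        generator.setNotAfter(notAfter);
        generator.setSubjectDN(subject);
        generator.setPublicKey(leafKeyPair.getPublic());
        generator.setSignatureAlgorithm("SHA256withRSA");
        if (oVar.b != null && oVar.b.length > 0) {
            Collection<List<?>> subjectAlternativeNames = oVar.b[0].getSubjectAlternativeNames();
            if (subjectAlternativeNames != null && subjectAlternativeNames.size() > 0) {
                ASN1EncodableVector dnsNames = new ASN1EncodableVector();
                for (List<?> entry : subjectAlternativeNames) {
                    if (((Integer) entry.get(0)).intValue() == 2) {
                        dnsNames.add(new GeneralName(2, (String) entry.get(1)));
                    }
                }
                // RFC 5280 requires a subjectAltName extension to hold at least one name, so
                // skip it when the upstream certificate had no dNSName entries to copy.
                if (dnsNames.size() > 0) {
                    generator.addExtension(X509Extensions.SubjectAlternativeName, false, new GeneralNames(new DERSequence(dnsNames)));
                }
            }
        }
        generator.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(this.d[0]));
        generator.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(leafKeyPair.getPublic()));
        X509Certificate leaf = generator.generate(this.c, "BC");
        // Chain layout: leaf first, followed by the CA chain.
        X509Certificate[] chain = new X509Certificate[this.d.length + 1];
        chain[0] = leaf;
        System.arraycopy(this.d, 0, chain, 1, this.d.length);
        PrivateKey privateKey = leafKeyPair.getPrivate();
        this.g.setKeyEntry(aliasFor(oVar), privateKey, this.j, chain);
        a(this.g, this.f, this.j);
        return new m(this, oVar, privateKey, chain);
    }

    /** Records the serial number of every certificate already in the leaf keystore. */
    private void c() throws GeneralSecurityException {
        Enumeration<String> aliases = this.g.aliases();
        while (aliases.hasMoreElements()) {
            this.m.add(((X509Certificate) this.g.getCertificate(aliases.nextElement())).getSerialNumber());
        }
    }

    /**
     * Returns a serial number not yet used by this instance, starting from the current time in
     * milliseconds and counting upwards on collision.
     */
    protected BigInteger a() {
        BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
        // BigInteger is immutable: the incremented value must be reassigned, otherwise a
        // collision (two certificates issued within the same millisecond) loops forever.
        while (!this.m.add(serial)) {
            serial = serial.add(BigInteger.ONE);
        }
        return serial;
    }

    /**
     * Returns a socket factory presenting the leaf certificate for {@code oVar}, issuing and
     * caching the certificate and its {@link SSLContext} on first use.
     *
     * @throws GeneralSecurityException if the certificate cannot be found, issued or installed
     * @throws IOException if encoding a certificate extension fails
     */
    public synchronized SSLSocketFactory a(o oVar) throws GeneralSecurityException, IOException {
        String alias = aliasFor(oVar);
        SSLContext sslContext = this.l.get(alias);
        if (sslContext == null) {
            X509KeyManager keyManager = this.g.containsAlias(alias) ? b(oVar) : c(oVar);
            // l is declared outside this listing; its validation policy is not visible here.
            TrustManager[] trustManagers = {new l(this)};
            sslContext = SSLContext.getInstance("TLS");
            sslContext.init(new KeyManager[]{keyManager}, trustManagers, null);
            this.l.put(alias, sslContext);
        }
        return sslContext.getSocketFactory();
    }

    /**
     * Builds the subject name for a leaf certificate.
     *
     * <p>NOTE(review): {@code str} is concatenated into the distinguished name without escaping.
     * If callers can pass a value containing DN metacharacters (for example ',', '+' or '='),
     * the subject will be malformed or gain extra attributes; confirm that callers only pass
     * validated host names.
     */
    protected X500Principal a(String str) {
        return new X500Principal("cn=" + str + ",ou=UNTRUSTED SandroProxy,o=UNTRUSTED SandroProxy");
    }

    /** Enables or disables reuse of the CA key pair for newly issued leaf certificates. */
    public void a(boolean z) {
        this.k = z;
    }
}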
