package com.nio.lib.http.data;

import android.util.Base64;
import android.util.Log;
import com.nio.lib.log.core.CNLogLite;
import com.nio.lib.util.AppUtil;
import com.nio.lib.util.CollectionUtil;
import com.nio.lib.util.StringUtil;
import com.tencent.qcloud.core.util.IOUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.Serializable;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: classes6.dex */
public class NioCertData implements Serializable {
    private static final String TAG = "NioCertData";
    private static final long serialVersionUID = 1;
    private static int space = 500;
    private String resultCode;
    private String tlsCert;
    private String tlsPrivateKey;
    private transient SSLContext tlsSSLContext = null;
    private String trustchain;
    private String virtualkeyCert;
    private String virtualkeyPrivateKey;

    public static void clear() {
        SPNioCert.get().clear();
    }

    private void generateTlsSSLContext() {
        X509Certificate x509Certificate = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            String certAllias = getCertAllias();
            String savePassword = getSavePassword();
            if (keyStore.isKeyEntry(certAllias)) {
                keyStore.deleteEntry(certAllias);
            }
            RSAPrivateKey rSAPrivateKey = getRSAPrivateKey(this.tlsPrivateKey);
            List<X509Certificate> x509Certificates = getX509Certificates(this.tlsCert);
            if (x509Certificates != null && x509Certificates.size() > 0) {
                x509Certificate = x509Certificates.get(0);
            }
            keyStore.setKeyEntry(certAllias, rSAPrivateKey, savePassword.toCharArray(), new Certificate[]{x509Certificate});
            List<X509Certificate> x509Certificates2 = getX509Certificates(this.trustchain);
            if (!CollectionUtil.a(x509Certificates2)) {
                for (X509Certificate x509Certificate2 : x509Certificates2) {
                    keyStore.setCertificateEntry(x509Certificate2.getSubjectDN().getName(), x509Certificate2);
                }
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, savePassword.toCharArray());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            this.tlsSSLContext = sSLContext;
        } catch (IOException | KeyManagementException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException | CertificateException | InvalidKeySpecException e) {
            CNLogLite.a().exception(e);
        }
    }

    private String getCertAllias() {
        return StringUtil.a(AppUtil.l(), AppUtil.k());
    }

    private RSAPrivateKey getRSAPrivateKey(String str) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
        if (!StringUtil.a(str)) {
            String[] split = str.split("-----BEGIN RSA PRIVATE KEY-----");
            if (split.length >= 2) {
                return (RSAPrivateKey) KeyFactory.getInstance("RSA", "BC").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(split[1].split("-----END RSA PRIVATE KEY-----")[0].trim().replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, ""), 2)));
            }
        }
        return null;
    }

    private String getSavePassword() {
        return StringUtil.a(AppUtil.l(), AppUtil.k());
    }

    private List<X509Certificate> getX509Certificates(String str) throws CertificateException {
        if (StringUtil.a(str)) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        String[] split = str.split("-----BEGIN CERTIFICATE-----");
        if (split != null) {
            for (String str2 : split) {
                if (!StringUtil.a(str2.trim())) {
                    arrayList.add((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str2.split("-----END CERTIFICATE-----")[0].trim().replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, ""), 2))));
                }
            }
        }
        return arrayList;
    }

    public static boolean isDeviceCertReady() {
        NioCertData restoreNioCertData = restoreNioCertData();
        return restoreNioCertData != null && !StringUtil.a(restoreNioCertData.tlsCert) && restoreNioCertData.tlsCert.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").startsWith("---") && restoreNioCertData.tlsCert.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").endsWith("---") && !StringUtil.a(restoreNioCertData.tlsPrivateKey) && restoreNioCertData.tlsPrivateKey.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").startsWith("---") && restoreNioCertData.tlsPrivateKey.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").endsWith("---") && !StringUtil.a(restoreNioCertData.virtualkeyCert) && restoreNioCertData.virtualkeyCert.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").startsWith("---") && restoreNioCertData.virtualkeyCert.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").endsWith("---") && !StringUtil.a(restoreNioCertData.virtualkeyPrivateKey) && restoreNioCertData.virtualkeyPrivateKey.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").startsWith("---") && restoreNioCertData.virtualkeyPrivateKey.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").endsWith("---") && !StringUtil.a(restoreNioCertData.trustchain) && restoreNioCertData.trustchain.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").startsWith("---") && restoreNioCertData.trustchain.replace("\r", "").replace(IOUtils.LINE_SEPARATOR_UNIX, "").endsWith("---");
    }

    private static void printLog(String str, String str2) {
        int i = 0;
        while (i < str2.length()) {
            if (space + i >= str2.length()) {
                Log.d(TAG, StringUtil.a(str, str2.substring(i, str2.length())));
                i = str2.length();
            } else {
                Log.d(TAG, StringUtil.a(str, str2.substring(i, space + i)));
                i += space;
            }
        }
    }

    public static NioCertData restoreNioCertData() {
        return SPNioCert.get().restoreNioCertData();
    }

    public String getResultCode() {
        return this.resultCode;
    }

    public String getTlsCert() {
        return this.tlsCert;
    }

    public String getTlsCertSerialNumber() {
        String str;
        try {
            if (StringUtil.a(this.tlsCert)) {
                CNLogLite.a().d(TAG, "tlsCert == null");
                str = null;
            } else {
                List<X509Certificate> x509Certificates = getX509Certificates(this.tlsCert);
                if (x509Certificates == null || x509Certificates.size() <= 0) {
                    CNLogLite.a().d(TAG, "x509Certificates.size == 0");
                    str = null;
                } else {
                    X509Certificate x509Certificate = x509Certificates.get(0);
                    if (x509Certificate != null) {
                        str = x509Certificate.getSerialNumber().toString(16);
                    } else {
                        CNLogLite.a().d(TAG, "x509Certificate == ");
                        str = null;
                    }
                }
            }
            return str;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public String getTlsPrivateKey() {
        return this.tlsPrivateKey;
    }

    public RSAPrivateKey getTlsRSAPrivateKey() throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
        return getRSAPrivateKey(this.tlsPrivateKey);
    }

    public SSLContext getTlsSSLContext() {
        if (this.tlsSSLContext != null) {
            CNLogLite.a().i(TAG, "tlsSSLContext != null");
            return this.tlsSSLContext;
        }
        if (StringUtil.a(this.tlsCert) || StringUtil.a(this.tlsPrivateKey) || StringUtil.a(this.trustchain)) {
            return AppUtil.p();
        }
        generateTlsSSLContext();
        return this.tlsSSLContext;
    }

    public String getTrustchain() {
        return this.trustchain;
    }

    public String getVirtualkeyCN() {
        String[] split;
        try {
            List<X509Certificate> x509Certificates = getX509Certificates(this.virtualkeyCert);
            X509Certificate x509Certificate = (x509Certificates == null || x509Certificates.size() <= 0) ? null : x509Certificates.get(0);
            String name = x509Certificate != null ? x509Certificate.getSubjectX500Principal().getName("RFC2253") : null;
            if (name != null && (split = name.split(",")) != null && split.length > 0) {
                return split[0];
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    public String getVirtualkeyCert() {
        return this.virtualkeyCert;
    }

    public String getVirtualkeyPrivateKey() {
        return this.virtualkeyPrivateKey;
    }

    public RSAPrivateKey getVirtualkeyRSAPrivateKey() throws InvalidKeySpecException, NoSuchAlgorithmException, NoSuchProviderException {
        return getRSAPrivateKey(this.virtualkeyPrivateKey);
    }

    public String getVirtualkeySerialNumber() {
        try {
            List<X509Certificate> x509Certificates = getX509Certificates(this.virtualkeyCert);
            X509Certificate x509Certificate = (x509Certificates == null || x509Certificates.size() <= 0) ? null : x509Certificates.get(0);
            if (x509Certificate != null) {
                return x509Certificate.getSerialNumber().toString(16);
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

    public boolean isReady() {
        return (this.tlsCert == null || this.tlsPrivateKey == null || this.virtualkeyCert == null || this.virtualkeyPrivateKey == null || this.trustchain == null) ? false : true;
    }

    public void save() {
        Log.d(TAG, "save");
        SPNioCert.get().save(this);
        generateTlsSSLContext();
    }

    public void setResultCode(String str) {
        this.resultCode = str;
    }

    public void setTlsCert(String str) {
        this.tlsCert = str;
    }

    public void setTlsPrivateKey(String str) {
        this.tlsPrivateKey = str;
    }

    public void setTrustchain(String str) {
        this.trustchain = str;
    }

    public void setVirtualkeyCert(String str) {
        this.virtualkeyCert = str;
    }

    public void setVirtualkeyPrivateKey(String str) {
        this.virtualkeyPrivateKey = str;
    }
}
