package ch.novalink.novaalert.util;

import Q7.h;
import R7.f;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import ch.novalink.novaalert.R;
import ch.novalink.novaalert.ui.TagPinDialogActivity;
import com.google.gson.Gson;
import com.microsoft.identity.common.java.authscheme.TokenAuthenticationScheme;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import com.samsung.android.knox.net.nap.NetworkAnalyticsConstants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import m2.InterfaceC2424a;
import n2.g;
import q2.AbstractC2616a;
import q2.r;
import q2.s;
import q2.t;
import q2.u;
import q2.y;
import r2.F0;
import s2.AbstractC2884b;

/* loaded from: classes2.dex */
public abstract class ConfigFileHelper {

    /* renamed from: a, reason: collision with root package name */
    private static final r f26636a = s.b(ConfigFileHelper.class);

    /* loaded from: classes2.dex */
    public static class ConfigFile {
        public String AccessToken;
        public String ClientCertificate;
        public String ConnectionUris;
        public boolean IsManagedClientCertificate;
        public boolean IsTlsRequired;
        public String LoginSecret;
        public String MasterUri;
        public String NaInstanceId;
        public String Password;
        public int PersonId;
        public Boolean PreAuthRequired;
        public String PreAuthSecret;
        public boolean RequireConfigFileDownload;
        public String ServerCertificate;
        public String SlaveUri;
        public String Username;
        private String filePassword;

        public static ConfigFile fromString(String str) {
            if (y.g(str)) {
                return null;
            }
            try {
                return (ConfigFile) new Gson().m(str, ConfigFile.class);
            } catch (Exception e9) {
                ConfigFileHelper.f26636a.f("Failed to parse in house map position! " + e9.getMessage(), e9);
                return null;
            }
        }

        public String getFilePassword() {
            return this.filePassword;
        }

        public void setFilePassword(String str) {
            this.filePassword = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class a extends BroadcastReceiver {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ t f26637a;

        a(t tVar) {
            this.f26637a = tVar;
        }

        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            this.f26637a.e(intent.getStringExtra("TagPinDialog.Extra.Pin"));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class b implements d {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ Context f26638a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ t f26639b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ e f26640c;

        b(Context context, t tVar, e eVar) {
            this.f26638a = context;
            this.f26639b = tVar;
            this.f26640c = eVar;
        }

        @Override // ch.novalink.novaalert.util.ConfigFileHelper.d
        public void a(String str) {
            this.f26640c.a(str);
        }

        @Override // ch.novalink.novaalert.util.ConfigFileHelper.d
        public String b() {
            ConfigFileHelper.f26636a.b("ConfigFile: Ask for password");
            Intent intent = new Intent(this.f26638a, (Class<?>) TagPinDialogActivity.class);
            intent.addFlags(268435456);
            this.f26638a.startActivity(intent);
            try {
                if (!this.f26639b.g(30000L)) {
                    ConfigFileHelper.f26636a.a("ConfigFile: Password was not entered within 30sek - cancel password input");
                    Intent intent2 = new Intent("TagPinDialog.Cancel");
                    intent2.setPackage(this.f26638a.getPackageName());
                    this.f26638a.sendBroadcast(intent2);
                }
            } catch (InterruptedException e9) {
                ConfigFileHelper.f26636a.f("ConfigFile: Failed to get password! " + e9.getMessage(), e9);
                e9.printStackTrace();
            }
            return (String) this.f26639b.a();
        }
    }

    /* loaded from: classes2.dex */
    public static class c {

        /* renamed from: a, reason: collision with root package name */
        private Certificate f26641a;

        /* renamed from: b, reason: collision with root package name */
        private String f26642b;

        /* renamed from: c, reason: collision with root package name */
        private String f26643c;

        public Certificate a() {
            return this.f26641a;
        }

        public String b() {
            return this.f26642b;
        }

        public String c() {
            return this.f26643c;
        }

        public void d(Certificate certificate) {
            this.f26641a = certificate;
        }

        public void e(String str) {
            this.f26642b = str;
        }

        public void f(String str) {
            this.f26643c = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public interface d {
        void a(String str);

        String b();
    }

    /* loaded from: classes2.dex */
    public interface e {
        void a(String str);
    }

    private static byte[] b(InputStream inputStream) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[NetworkAnalyticsConstants.DataPoints.FLAG_SOURCE_PORT];
        while (true) {
            int read = inputStream.read(bArr, 0, NetworkAnalyticsConstants.DataPoints.FLAG_SOURCE_PORT);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    private static String c(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (int i8 = 0; i8 < bArr.length; i8++) {
            String hexString = Integer.toHexString(bArr[i8]);
            int length = hexString.length();
            if (length == 1) {
                hexString = "0" + hexString;
            }
            if (length > 2) {
                hexString = hexString.substring(length - 2, length);
            }
            sb.append(hexString.toUpperCase());
            if (i8 < bArr.length - 1) {
                sb.append(':');
            }
        }
        return sb.toString();
    }

    public static String d(X509Certificate x509Certificate) {
        try {
            return c(MessageDigest.getInstance("SHA1").digest(x509Certificate.getEncoded()));
        } catch (Exception e9) {
            f26636a.f("ConfigFile: Failed to get cert thumbprint! " + e9.getMessage(), e9);
            return "";
        }
    }

    public static void e() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            ArrayList<String> list = Collections.list(keyStore.aliases());
            if (list.isEmpty()) {
                f26636a.c("ConfigFile: There are no alias in the Android Key Store");
                return;
            }
            StringBuilder sb = new StringBuilder();
            try {
                for (String str : list) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
                    String name = x509Certificate.getIssuerX500Principal().getName();
                    String name2 = x509Certificate.getSubjectX500Principal().getName();
                    Date notBefore = x509Certificate.getNotBefore();
                    Date notAfter = x509Certificate.getNotAfter();
                    sb.append("\n-Alias: " + str + " [Issuer: " + name + ", Subject: " + name2 + ", Thumbprint: " + d(x509Certificate) + ", From: " + notBefore.toString() + " - " + notAfter.toString() + "] ");
                }
            } catch (Exception unused) {
                f26636a.a("ConfigFile: Failed to get Certificate Infos");
            }
            if (y.g(sb.toString())) {
                f26636a.c("ConfigFile: There are " + list.size() + " alias in the Android Key Store - " + Arrays.toString(list.toArray()));
                return;
            }
            f26636a.c("ConfigFile: There are " + list.size() + " alias in the Android Key Store: " + ((Object) sb));
        } catch (Exception e9) {
            f26636a.f("ConfigFile: Failed to print certificates! " + e9.getMessage(), e9);
        }
    }

    private static boolean f(byte[] bArr, ConfigFile configFile, Context context, d dVar) {
        String str;
        h hVar = new h(new ByteArrayInputStream(bArr));
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyStore.getInstance(KeyStore.getDefaultType()).load(null);
        KeyStore keyStore2 = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
        f26636a.b("ConfigFile: Load certificates from zip file");
        while (true) {
            f l8 = hVar.l();
            if (l8 == null) {
                hVar.close();
                f26636a.b("ConfigFile: Successfully loaded certificates from zip file");
                return true;
            }
            r rVar = f26636a;
            rVar.b("ConfigFile: ZIP: Entry " + l8.i());
            String i8 = l8.i();
            i8.hashCode();
            if (i8.equals("clientCertificate.p12")) {
                if ("file".equals(configFile.ClientCertificate)) {
                    if (configFile.IsManagedClientCertificate) {
                        str = "Nei-PlNcLh_X1OJBMCibUMpXQ5!xba4U5S?_vKXvEYtP4";
                    } else {
                        str = dVar.b();
                        if (y.g(str)) {
                            rVar.a("ConfigFile: Got empty password for certificate");
                            hVar.close();
                            return false;
                        }
                    }
                    try {
                        keyStore2.load(hVar, str.toCharArray());
                        ArrayList<String> list = Collections.list(keyStore2.aliases());
                        for (String str2 : list) {
                            keyStore.setKeyEntry("novaalert-mobile-app-key", keyStore2.getKey(str2, str.toCharArray()), "".toCharArray(), keyStore2.getCertificateChain(str2));
                        }
                        f26636a.b("ConfigFile: There are " + list.size() + " aliases in clientCertificate.p12");
                    } catch (IOException | UnrecoverableKeyException unused) {
                        f26636a.a("ConfigFile: Invalid client certificate password");
                        dVar.a(context.getString(R.string.wrong_password));
                        hVar.close();
                        return false;
                    }
                } else {
                    continue;
                }
            } else if (i8.equals("serverCertificate.cer") && "file".equals(configFile.ServerCertificate)) {
                Iterator<? extends Certificate> it = CertificateFactory.getInstance("X.509").generateCertificates(hVar).iterator();
                while (it.hasNext()) {
                    keyStore.setCertificateEntry("novaalert-mobile-app-server", it.next());
                }
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x0093  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x0088  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static ch.novalink.novaalert.util.ConfigFileHelper.ConfigFile g(android.content.Context r6, ch.novalink.novaalert.util.ConfigFileHelper.e r7, byte[] r8, java.lang.String r9) {
        /*
            Method dump skipped, instructions count: 257
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ch.novalink.novaalert.util.ConfigFileHelper.g(android.content.Context, ch.novalink.novaalert.util.ConfigFileHelper$e, byte[], java.lang.String):ch.novalink.novaalert.util.ConfigFileHelper$ConfigFile");
    }

    public static ConfigFile h(AbstractC2884b abstractC2884b, String str, byte[] bArr, Context context, e eVar, String str2) {
        byte[] bArr2;
        g.a a9;
        String str3;
        String[] split = str.split(":");
        InterfaceC2424a a10 = F0.a(split[0], Integer.parseInt(split[1]), u.Any, str);
        if (abstractC2884b.m6() && ((a9 = g.a(a10, abstractC2884b.u3(), abstractC2884b.V3(), "invalid_use_cfg_access", abstractC2884b.U3(), abstractC2884b.p(), g.b.PurposeConfig)) == null || !a9.f34846a)) {
            r rVar = f26636a;
            StringBuilder sb = new StringBuilder();
            sb.append("ConfigFile: could not establish pre-auth: ");
            if (a9 != null) {
                str3 = ((int) a9.f34848c) + TokenAuthenticationScheme.SCHEME_DELIMITER + a9.f34847b;
            } else {
                str3 = "NoResponse";
            }
            sb.append(str3);
            rVar.a(sb.toString());
            return null;
        }
        a10.m(AbstractC2616a.d(new byte[][]{new byte[]{113, (byte) bArr.length}, bArr}));
        InputStream f9 = a10.f();
        int c9 = m2.e.c(f9);
        if (c9 > 0) {
            bArr2 = m2.e.b(f9, c9);
        } else {
            int c10 = m2.e.c(f9);
            f26636a.a("ConfigurationFile: Failed to read config file from '" + str + "' - ErrorCode=" + c10);
            eVar.a(context.getString(c10 != 3 ? c10 != 5 ? R.string.invalid_config_file : R.string.expired_config_file : R.string.deprecated_config).replaceAll("<x>", c10 + ""));
            bArr2 = null;
        }
        a10.close();
        if (bArr2 == null || bArr2.length == 0) {
            f26636a.a("ConfigFile: Content is null or empty");
            return null;
        }
        f26636a.c("ConfigFile: Got config file - this is the content: " + bArr2.length);
        return g(context, eVar, bArr2, str2);
    }

    public static void i() {
        try {
            r rVar = f26636a;
            rVar.b("ConfigFile: Remove certificates");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias("novaalert-mobile-app-key")) {
                keyStore.deleteEntry("novaalert-mobile-app-key");
                rVar.b("ConfigFile: Removed client certificate");
            }
            if (keyStore.containsAlias("novaalert-mobile-app-server")) {
                keyStore.deleteEntry("novaalert-mobile-app-server");
                rVar.b("ConfigFile: Removed server certificate");
            }
        } catch (Exception e9) {
            f26636a.f("ConfigFile: Failed to reset certificates! " + e9.getMessage(), e9);
        }
    }
}
