package de.vier_bier.habpanelviewer.connection.ssl;

import android.net.http.SslCertificate;
import android.os.Environment;
import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;
import kotlin.UByte;

/* loaded from: classes.dex */
public class CertificateManager {
    private static final String TAG = "HPV-CertificateManager";
    private static CertificateManager mInstance;
    private boolean mInitSuccess;
    private File mLocalTrustStoreFile;
    private SSLContext mSslContext;
    private LocalTrustManager mTrustManager;
    private String mTrustStorePasswd = "secret";
    private final ArrayList<ICertChangedListener> mListeners = new ArrayList<>();

    /* loaded from: classes.dex */
    public interface ICertChangedListener {
        void certAdded();
    }

    private synchronized void createSslContext() throws GeneralSecurityException {
        if (this.mSslContext == null) {
            if (this.mTrustManager == null) {
                this.mTrustManager = new LocalTrustManager(loadTrustStore());
            }
            TrustManager[] trustManagerArr = {this.mTrustManager};
            this.mSslContext = SSLContext.getInstance("TLS");
            this.mSslContext.init(null, trustManagerArr, null);
        }
    }

    public static synchronized CertificateManager get(File file, String str) throws GeneralSecurityException {
        CertificateManager certificateManager;
        synchronized (CertificateManager.class) {
            certificateManager = new CertificateManager();
            certificateManager.setTrustStore(file, str);
        }
        return certificateManager;
    }

    public static synchronized CertificateManager getInstance() {
        CertificateManager certificateManager;
        synchronized (CertificateManager.class) {
            if (mInstance == null) {
                mInstance = new CertificateManager();
                try {
                    mInstance.setTrustStore(new File(Environment.getDataDirectory() + "/data/de.vier_bier.habpanelviewer/files/localTrustStore.bks"));
                } catch (GeneralSecurityException e) {
                    Log.e(TAG, "Certificate store initialization failed", e);
                }
            }
            certificateManager = mInstance;
        }
        return certificateManager;
    }

    private X509Certificate getX509CertFromSslCertHack(SslCertificate sslCertificate) {
        byte[] byteArray = SslCertificate.saveState(sslCertificate).getByteArray("x509-certificate");
        if (byteArray != null) {
            try {
            } catch (CertificateException unused) {
                return null;
            }
        }
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
    }

    private String hashName(X500Principal x500Principal) {
        try {
            return Integer.toString(leInt(MessageDigest.getInstance("MD5").digest(x500Principal.getEncoded())), 16);
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    private int leInt(byte[] bArr) {
        return ((bArr[3] & UByte.MAX_VALUE) << 24) | (bArr[0] & UByte.MAX_VALUE) | ((bArr[1] & UByte.MAX_VALUE) << 8) | ((bArr[2] & UByte.MAX_VALUE) << 16);
    }

    private KeyStore loadTrustStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            FileInputStream fileInputStream = new FileInputStream(this.mLocalTrustStoreFile);
            try {
                keyStore.load(fileInputStream, this.mTrustStorePasswd.toCharArray());
                fileInputStream.close();
                return keyStore;
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private void saveTrustStore(KeyStore keyStore) throws IOException, GeneralSecurityException {
        keyStore.store(new FileOutputStream(this.mLocalTrustStoreFile), this.mTrustStorePasswd.toCharArray());
        this.mTrustManager = null;
        this.mSslContext = null;
        createSslContext();
    }

    private synchronized void setTrustStore(File file) throws GeneralSecurityException {
        this.mLocalTrustStoreFile = file;
        if (!this.mLocalTrustStoreFile.exists()) {
            throw new IllegalArgumentException("Given file does not exist: " + file.getAbsolutePath());
        }
        System.setProperty("javax.net.ssl.trustStore", this.mLocalTrustStoreFile.getAbsolutePath());
        createSslContext();
        HttpsURLConnection.setDefaultSSLSocketFactory(this.mSslContext.getSocketFactory());
        this.mInitSuccess = true;
    }

    private synchronized void setTrustStore(File file, String str) throws GeneralSecurityException {
        this.mTrustStorePasswd = str;
        setTrustStore(file);
    }

    public void addCertListener(ICertChangedListener iCertChangedListener) {
        synchronized (this.mListeners) {
            if (!this.mListeners.contains(iCertChangedListener)) {
                this.mListeners.add(iCertChangedListener);
            }
        }
    }

    public synchronized void addCertificate(SslCertificate sslCertificate) throws GeneralSecurityException, IOException {
        KeyStore loadTrustStore = loadTrustStore();
        X509Certificate x509CertFromSslCertHack = getX509CertFromSslCertHack(sslCertificate);
        loadTrustStore.setCertificateEntry(hashName(x509CertFromSslCertHack.getSubjectX500Principal()), x509CertFromSslCertHack);
        saveTrustStore(loadTrustStore);
        synchronized (this.mListeners) {
            Iterator<ICertChangedListener> it = this.mListeners.iterator();
            while (it.hasNext()) {
                it.next().certAdded();
            }
        }
    }

    public synchronized SSLSocketFactory getSocketFactory() {
        return this.mSslContext.getSocketFactory();
    }

    public synchronized X509TrustManager getTrustManager() {
        return this.mTrustManager;
    }

    public boolean isInitialized() {
        return this.mInitSuccess;
    }

    public synchronized boolean isTrusted(SslCertificate sslCertificate) {
        if (this.mTrustManager == null) {
            this.mTrustManager = new LocalTrustManager(loadTrustStore());
        }
        try {
            this.mTrustManager.checkClientTrusted(new X509Certificate[]{getX509CertFromSslCertHack(sslCertificate)}, "generic");
        } catch (CertificateException unused) {
            return false;
        }
        return true;
    }

    public synchronized boolean isTrusted(X509Certificate x509Certificate) {
        if (this.mTrustManager == null) {
            this.mTrustManager = new LocalTrustManager(loadTrustStore());
        }
        try {
            this.mTrustManager.checkClientTrusted(new X509Certificate[]{x509Certificate}, "generic");
        } catch (CertificateException unused) {
            return false;
        }
        return true;
    }

    public void removeCertListener(ICertChangedListener iCertChangedListener) {
        synchronized (this.mListeners) {
            this.mListeners.remove(iCertChangedListener);
        }
    }
}
