package com.google.android.tv.remote.pairing;

import android.bluetooth.BluetoothAdapter;
import android.content.Context;
import android.os.Build;
import android.text.TextUtils;
import android.util.Log;
import com.google.polo.ssl.SslUtil;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.UUID;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public final class KeyStoreManager {

    /* renamed from: a, reason: collision with root package name */
    private static String f13477a = "AndroidKeyStore";

    /* renamed from: b, reason: collision with root package name */
    private static final char[] f13478b = "KeyStore_Password".toCharArray();

    /* renamed from: c, reason: collision with root package name */
    private final Context f13479c;
    private final KeyStore e = i();
    private final DynamicTrustManager d = new DynamicTrustManager(this.e);

    /* loaded from: classes2.dex */
    public static class DynamicTrustManager implements X509TrustManager {

        /* renamed from: a, reason: collision with root package name */
        private X509TrustManager f13480a;

        public DynamicTrustManager(KeyStore keyStore) {
            a(keyStore);
        }

        public void a(KeyStore keyStore) {
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                for (int i = 0; i < trustManagers.length; i++) {
                    if (trustManagers[i] instanceof X509TrustManager) {
                        this.f13480a = (X509TrustManager) trustManagers[i];
                        return;
                    }
                }
                throw new IllegalStateException("No trust manager found");
            } catch (KeyStoreException e) {
            } catch (NoSuchAlgorithmException e2) {
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.f13480a.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.f13480a.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public KeyStoreManager(Context context) {
        this.f13479c = context;
    }

    private void a(KeyStore keyStore) throws GeneralSecurityException {
        a(keyStore, "atvremote-local");
    }

    private void a(KeyStore keyStore, String str) throws GeneralSecurityException {
        a(keyStore, str, h());
    }

    private void a(KeyStore keyStore, String str, String str2) throws GeneralSecurityException {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
        keyStore.setKeyEntry(str, generateKeyPair.getPrivate(), null, new Certificate[]{SslUtil.a(generateKeyPair, c(str2))});
    }

    private static String b(String str) {
        return String.format("atvremote-remote-%s", str);
    }

    private static String b(Certificate certificate) {
        X500Principal subjectX500Principal;
        if (!(certificate instanceof X509Certificate) || (subjectX500Principal = ((X509Certificate) certificate).getSubjectX500Principal()) == null) {
            return null;
        }
        return subjectX500Principal.getName();
    }

    private boolean b(KeyStore keyStore) {
        try {
            return keyStore.containsAlias("atvremote-local");
        } catch (KeyStoreException e) {
            return false;
        }
    }

    private static final String c(String str) {
        return "CN=atvremote/" + Build.PRODUCT + "/" + Build.DEVICE + "/" + Build.MODEL + "/" + str;
    }

    private void c(KeyStore keyStore) {
        if (j()) {
            return;
        }
        try {
            FileOutputStream openFileOutput = this.f13479c.openFileOutput("atvremote.keystore", 0);
            keyStore.store(openFileOutput, f13478b);
            openFileOutput.close();
        } catch (IOException e) {
            throw new IllegalStateException("Unable to store keyStore", e);
        } catch (GeneralSecurityException e2) {
            throw new IllegalStateException("Unable to store keyStore", e2);
        }
    }

    private void f() {
        try {
            Enumeration<String> aliases = this.e.aliases();
            while (aliases.hasMoreElements()) {
                this.e.deleteEntry(aliases.nextElement());
            }
        } catch (KeyStoreException e) {
        }
        e();
    }

    private KeyStore g() throws GeneralSecurityException {
        KeyStore keyStore;
        if (j()) {
            keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
            } catch (IOException e) {
                throw new GeneralSecurityException("Unable to create empty keyStore", e);
            }
        } else {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                keyStore.load(null, f13478b);
            } catch (IOException e2) {
                throw new GeneralSecurityException("Unable to create empty keyStore", e2);
            }
        }
        a(keyStore);
        return keyStore;
    }

    private static final String h() {
        if (!TextUtils.isEmpty(Build.SERIAL)) {
            return Build.SERIAL;
        }
        String address = BluetoothAdapter.getDefaultAdapter().getAddress();
        return TextUtils.isEmpty(address) ? UUID.randomUUID().toString() : address;
    }

    private KeyStore i() {
        KeyStore keyStore;
        try {
            if (j()) {
                keyStore = KeyStore.getInstance(f13477a);
                keyStore.load(null);
            } else {
                keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(this.f13479c.openFileInput("atvremote.keystore"), f13478b);
            }
        } catch (IOException e) {
            keyStore = null;
        } catch (KeyStoreException e2) {
            throw new IllegalStateException("Unable to get default instance of KeyStore", e2);
        } catch (GeneralSecurityException e3) {
            keyStore = null;
        }
        if (keyStore == null || !b(keyStore)) {
            try {
                keyStore = g();
                c(keyStore);
            } catch (GeneralSecurityException e4) {
                throw new IllegalStateException("Unable to create identity KeyStore", e4);
            }
        }
        return keyStore;
    }

    private boolean j() {
        return Build.VERSION.SDK_INT >= 18;
    }

    public void a(String str) {
        f();
        try {
            a(this.e, "atvremote-remote", str);
            e();
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("Unable to create identity KeyStore", e);
        }
    }

    public void a(Certificate certificate) {
        a(certificate, Integer.toString(certificate.hashCode()));
    }

    public void a(Certificate certificate, String str) {
        try {
            String b2 = b(str);
            String b3 = b(certificate);
            if (this.e.containsAlias(b2)) {
                this.e.deleteEntry(b2);
            }
            if (b3 != null) {
                Enumeration<String> aliases = this.e.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    String b4 = b(this.e.getCertificate(nextElement));
                    if (b4 != null && b4.equals(b3)) {
                        Log.d("KeyStoreManager", "Deleting entry for " + nextElement + " (" + b4 + ")");
                        this.e.deleteEntry(nextElement);
                    }
                }
            }
            this.e.setCertificateEntry(b2, certificate);
            e();
        } catch (KeyStoreException e) {
        }
    }

    public KeyManager[] a() throws GeneralSecurityException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(this.e, "".toCharArray());
        return keyManagerFactory.getKeyManagers();
    }

    public TrustManager[] b() throws GeneralSecurityException {
        try {
            return new DynamicTrustManager[]{this.d};
        } catch (Exception e) {
            throw new GeneralSecurityException(e);
        }
    }

    public boolean c() {
        return b(this.e);
    }

    public void d() {
        a(h());
    }

    public void e() {
        this.d.a(this.e);
        c(this.e);
    }
}
