package im.keanu.server.security;

import android.util.Base64;
import android.util.Log;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public final class SelfSignedCertificate {
    private static final String DEFAULT_FQDN = "example.com";
    private static final int DEFAULT_KEY_LENGTH_BITS = 2048;
    private static final String TAG = "SelfSignedCertificate";
    private final X509Certificate cert;
    private final File certificate;
    private final PrivateKey key;
    private final File privateKey;
    private static final Date DEFAULT_NOT_BEFORE = new Date(System.currentTimeMillis() - 31536000000L);
    private static final Date DEFAULT_NOT_AFTER = new Date(253402300799000L);
    private static final Charset US_ASCII = Charset.forName("US-ASCII");
    private static final Provider provider = new BouncyCastleProvider();

    public SelfSignedCertificate() throws CertificateException {
        this(DEFAULT_NOT_BEFORE, DEFAULT_NOT_AFTER);
    }

    public SelfSignedCertificate(String str) throws CertificateException {
        this(str, DEFAULT_NOT_BEFORE, DEFAULT_NOT_AFTER);
    }

    public SelfSignedCertificate(String str, SecureRandom secureRandom, int i) throws CertificateException {
        this(str, secureRandom, i, DEFAULT_NOT_BEFORE, DEFAULT_NOT_AFTER);
    }

    /* JADX WARN: Removed duplicated region for block: B:27:0x0072 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public SelfSignedCertificate(java.lang.String r3, java.security.SecureRandom r4, int r5, java.util.Date r6, java.util.Date r7) throws java.security.cert.CertificateException {
        /*
            r2 = this;
            java.lang.String r0 = "Failed to close a file: "
            r2.<init>()
            java.lang.String r1 = "RSA"
            java.security.KeyPairGenerator r1 = java.security.KeyPairGenerator.getInstance(r1)     // Catch: java.security.NoSuchAlgorithmException -> L9e
            r1.initialize(r5, r4)     // Catch: java.security.NoSuchAlgorithmException -> L9e
            java.security.KeyPair r5 = r1.generateKeyPair()     // Catch: java.security.NoSuchAlgorithmException -> L9e
            java.lang.String[] r3 = generateCertificate(r3, r5, r4, r6, r7)     // Catch: java.lang.Throwable -> L8e
            java.io.File r4 = new java.io.File
            r6 = 0
            r6 = r3[r6]
            r4.<init>(r6)
            r2.certificate = r4
            java.io.File r6 = new java.io.File
            r7 = 1
            r3 = r3[r7]
            r6.<init>(r3)
            r2.privateKey = r6
            java.security.PrivateKey r3 = r5.getPrivate()
            r2.key = r3
            r3 = 0
            java.io.FileInputStream r5 = new java.io.FileInputStream     // Catch: java.lang.Throwable -> L62 java.lang.Exception -> L66
            r5.<init>(r4)     // Catch: java.lang.Throwable -> L62 java.lang.Exception -> L66
            java.lang.String r3 = "X509"
            java.security.cert.CertificateFactory r3 = java.security.cert.CertificateFactory.getInstance(r3)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L6f
            java.security.cert.Certificate r3 = r3.generateCertificate(r5)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L6f
            java.security.cert.X509Certificate r3 = (java.security.cert.X509Certificate) r3     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L6f
            r2.cert = r3     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L6f
            r5.close()     // Catch: java.io.IOException -> L48
            goto L5f
        L48:
            r3 = move-exception
            java.lang.String r4 = im.keanu.server.security.SelfSignedCertificate.TAG
            java.lang.StringBuilder r5 = new java.lang.StringBuilder
            r5.<init>()
            r5.append(r0)
            java.io.File r6 = r2.certificate
            r5.append(r6)
            java.lang.String r5 = r5.toString()
            android.util.Log.w(r4, r5, r3)
        L5f:
            return
        L60:
            r3 = move-exception
            goto L69
        L62:
            r4 = move-exception
            r5 = r3
            r3 = r4
            goto L70
        L66:
            r4 = move-exception
            r5 = r3
            r3 = r4
        L69:
            java.security.cert.CertificateEncodingException r4 = new java.security.cert.CertificateEncodingException     // Catch: java.lang.Throwable -> L6f
            r4.<init>(r3)     // Catch: java.lang.Throwable -> L6f
            throw r4     // Catch: java.lang.Throwable -> L6f
        L6f:
            r3 = move-exception
        L70:
            if (r5 == 0) goto L8d
            r5.close()     // Catch: java.io.IOException -> L76
            goto L8d
        L76:
            r4 = move-exception
            java.lang.String r5 = im.keanu.server.security.SelfSignedCertificate.TAG
            java.lang.StringBuilder r6 = new java.lang.StringBuilder
            r6.<init>()
            r6.append(r0)
            java.io.File r7 = r2.certificate
            r6.append(r7)
            java.lang.String r6 = r6.toString()
            android.util.Log.w(r5, r6, r4)
        L8d:
            throw r3
        L8e:
            r3 = move-exception
            java.lang.String r4 = im.keanu.server.security.SelfSignedCertificate.TAG
            java.lang.String r5 = "Failed to generate a self-signed X.509 certificate using Bouncy Castle:"
            android.util.Log.d(r4, r5, r3)
            java.security.cert.CertificateException r4 = new java.security.cert.CertificateException
            java.lang.String r5 = "No provider succeeded to generate a self-signed certificate. See debug log for the root cause."
            r4.<init>(r5, r3)
            throw r4
        L9e:
            r3 = move-exception
            java.lang.Error r4 = new java.lang.Error
            r4.<init>(r3)
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: im.keanu.server.security.SelfSignedCertificate.<init>(java.lang.String, java.security.SecureRandom, int, java.util.Date, java.util.Date):void");
    }

    public SelfSignedCertificate(String str, Date date, Date date2) throws CertificateException {
        this(str, new SecureRandom(), 2048, date, date2);
    }

    public SelfSignedCertificate(Date date, Date date2) throws CertificateException {
        this(DEFAULT_FQDN, date, date2);
    }

    private static String[] generateCertificate(String str, KeyPair keyPair, SecureRandom secureRandom, Date date, Date date2) throws Exception {
        PrivateKey privateKey = keyPair.getPrivate();
        X500Name x500Name = new X500Name("CN=" + str);
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(provider).getCertificate(new JcaX509v3CertificateBuilder(x500Name, new BigInteger(64, secureRandom), date, date2, x500Name, keyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(privateKey)));
        certificate.verify(keyPair.getPublic());
        return newSelfSignedCertificate(str, privateKey, certificate);
    }

    private static String[] newSelfSignedCertificate(String str, PrivateKey privateKey, X509Certificate x509Certificate) throws IOException, CertificateEncodingException {
        String str2 = "-----BEGIN PRIVATE KEY-----\n" + Base64.encodeToString(privateKey.getEncoded(), 0) + "\n-----END PRIVATE KEY-----\n";
        File createTempFile = File.createTempFile("keyutil_" + str + '_', ".key");
        createTempFile.deleteOnExit();
        FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
        try {
            Charset charset = US_ASCII;
            fileOutputStream.write(str2.getBytes(charset));
            fileOutputStream.close();
            String str3 = "-----BEGIN CERTIFICATE-----\n" + Base64.encodeToString(x509Certificate.getEncoded(), 0) + "\n-----END CERTIFICATE-----\n";
            File createTempFile2 = File.createTempFile("keyutil_" + str + '_', ".crt");
            createTempFile2.deleteOnExit();
            FileOutputStream fileOutputStream2 = new FileOutputStream(createTempFile2);
            try {
                fileOutputStream2.write(str3.getBytes(charset));
                fileOutputStream2.close();
                return new String[]{createTempFile2.getPath(), createTempFile.getPath()};
            } catch (Throwable th) {
                safeClose(createTempFile2, fileOutputStream2);
                safeDelete(createTempFile2);
                safeDelete(createTempFile);
                throw th;
            }
        } catch (Throwable th2) {
            safeClose(createTempFile, fileOutputStream);
            safeDelete(createTempFile);
            throw th2;
        }
    }

    private static void safeClose(File file, OutputStream outputStream) {
        try {
            outputStream.close();
        } catch (IOException e) {
            Log.w(TAG, "Failed to close a file: " + file, e);
        }
    }

    private static void safeDelete(File file) {
        if (file.delete()) {
            return;
        }
        Log.w(TAG, "Failed to delete a file: " + file);
    }

    public X509Certificate cert() {
        return this.cert;
    }

    public File certificate() {
        return this.certificate;
    }

    public void delete() {
        safeDelete(this.certificate);
        safeDelete(this.privateKey);
    }

    public PrivateKey key() {
        return this.key;
    }

    public File privateKey() {
        return this.privateKey;
    }
}
