package de.persosim.android.remoteifd;

import android.content.Context;
import android.content.SharedPreferences;
import de.persosim.simulator.utils.HexString;
import de.persosim.websocket.RemoteIfdConfigManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateKey;
import java.util.Collection;
import java.util.Enumeration;
import java.util.HashSet;
import org.globaltester.lib.bctls.TlsCertificateGenerator;
import org.globaltester.logging.BasicLogger;

/* loaded from: classes12.dex */
public class KeystoreRemoteIfdConfigManager implements RemoteIfdConfigManager {
    public static final String DEFAULT_KEY_ALIAS = "default";
    private static final String KEYPASSWORD = "keypassword";
    private static final String PREFS_NAME = "persoSimRemoteIfdKeystoreConfig";
    private static final String PREF_KEYSTORE = "remoteIfdKeyStore";
    private static KeystoreRemoteIfdConfigManager instance = null;
    private static final String keystorePassword = "persoSimKeyStorePassword123";
    private Context context;
    private KeyStore keyStore;

    private KeystoreRemoteIfdConfigManager(Context context) {
        this.context = context;
        this.keyStore = loadKeyStorefromPreferences();
        if (this.keyStore == null) {
            BasicLogger.log(getClass(), "no keystore could be restored from preferences, creating a new one");
            this.keyStore = createNewInitialKeyStore();
            storeKeyStoreToPreferences();
        }
    }

    private static KeyStore createNewInitialKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            KeyPair generateKeyPair = TlsCertificateGenerator.generateKeyPair();
            keyStore.setKeyEntry(DEFAULT_KEY_ALIAS, generateKeyPair.getPrivate(), KEYPASSWORD.toCharArray(), new Certificate[]{TlsCertificateGenerator.generateTlsCertificate(generateKeyPair)});
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalArgumentException("A new keystore could not be created", e);
        }
    }

    public static synchronized KeystoreRemoteIfdConfigManager getInstance(Context context) {
        KeystoreRemoteIfdConfigManager keystoreRemoteIfdConfigManager;
        synchronized (KeystoreRemoteIfdConfigManager.class) {
            if (instance == null) {
                instance = new KeystoreRemoteIfdConfigManager(context);
            } else if (instance.context != context) {
                throw new IllegalArgumentException("KeyStoreRemoteIfdConfigmanager already exists (but with different Applicationcontext)!");
            }
            keystoreRemoteIfdConfigManager = instance;
        }
        return keystoreRemoteIfdConfigManager;
    }

    private KeyStore loadKeyStorefromPreferences() {
        String string = this.context.getSharedPreferences(PREFS_NAME, 0).getString(PREF_KEYSTORE, "");
        if (string.length() <= 0) {
            BasicLogger.log(getClass(), "no keystore stored in preferences");
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(new ByteArrayInputStream(HexString.toByteArray(string)), keystorePassword.toCharArray());
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalArgumentException("Keystore from prefernces could not be loaded", e);
        }
    }

    private void storeKeyStoreToPreferences() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            this.keyStore.store(byteArrayOutputStream, keystorePassword.toCharArray());
            SharedPreferences.Editor edit = this.context.getSharedPreferences(PREFS_NAME, 0).edit();
            edit.putString(PREF_KEYSTORE, HexString.encode(byteArrayOutputStream.toByteArray()));
            edit.apply();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalArgumentException("Keystore could not pe stored in prefernces", e);
        }
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public void addPairedCertificate(Certificate certificate) {
        try {
            this.keyStore.setCertificateEntry(Integer.toHexString(certificate.hashCode()), certificate);
            storeKeyStoreToPreferences();
        } catch (KeyStoreException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public void deletePairedCertificate(Certificate certificate) {
        try {
            this.keyStore.deleteEntry(Integer.toHexString(certificate.hashCode()));
            storeKeyStoreToPreferences();
        } catch (KeyStoreException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public Certificate getHostCertificate() {
        try {
            return this.keyStore.getCertificate(DEFAULT_KEY_ALIAS);
        } catch (KeyStoreException e) {
            throw new IllegalStateException("Could not get own certificate", e);
        }
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public RSAPrivateKey getHostPrivateKey() {
        try {
            return (RSAPrivateKey) this.keyStore.getKey(DEFAULT_KEY_ALIAS, KEYPASSWORD.toCharArray());
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new IllegalStateException("Could not get private key", e);
        }
    }

    @Override // de.persosim.websocket.RemoteIfdConfigManager
    public Collection<Certificate> getPairedCertificates() {
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            HashSet hashSet = new HashSet();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                System.out.println("Handling certificate with alias: " + nextElement);
                if (!DEFAULT_KEY_ALIAS.equals(nextElement)) {
                    try {
                        hashSet.add(CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(this.keyStore.getCertificate(nextElement).getEncoded())));
                    } catch (CertificateException e) {
                        e.printStackTrace();
                    }
                }
            }
            return hashSet;
        } catch (KeyStoreException e2) {
            throw new IllegalStateException(e2);
        }
    }
}
