package o01;

import android.content.Context;
import androidx.compose.runtime.i0;
import d0.e;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.Iterator;
import javax.crypto.SecretKey;
import la.h;

/* loaded from: classes3.dex */
public abstract class b {
    public static final ArrayList j = new ArrayList();

    /* renamed from: a, reason: collision with root package name */
    public final Context f36716a;

    /* renamed from: b, reason: collision with root package name */
    public PublicKey f36717b;

    /* renamed from: c, reason: collision with root package name */
    public PrivateKey f36718c;

    /* renamed from: d, reason: collision with root package name */
    public SecretKey f36719d;

    /* renamed from: e, reason: collision with root package name */
    public Certificate f36720e;

    /* renamed from: f, reason: collision with root package name */
    public final String f36721f;

    /* renamed from: g, reason: collision with root package name */
    public final String f36722g;

    /* renamed from: h, reason: collision with root package name */
    public final ArrayList<String> f36723h;

    /* renamed from: i, reason: collision with root package name */
    public final KeyStore f36724i;

    public b(Context context, String str, KeyStore keyStore) throws morpho.etis.deviceauthenticator.exceptions.a {
        ArrayList arrayList = j;
        if (arrayList.isEmpty()) {
            synchronized (b.class) {
                if (arrayList.isEmpty()) {
                    ArrayList arrayList2 = new ArrayList();
                    InputStream inputStream = null;
                    try {
                        try {
                            ArrayList g11 = g(context);
                            if (g11.isEmpty()) {
                                throw new morpho.etis.deviceauthenticator.exceptions.a("Could not find any root certificate file in assets");
                            }
                            Iterator it = g11.iterator();
                            while (it.hasNext()) {
                                try {
                                    inputStream = context.getAssets().open((String) it.next(), 3);
                                    try {
                                        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(ma.a.a(inputStream)));
                                        a(x509Certificate, x509Certificate, "Service Provider root CA certificate");
                                        j.add(x509Certificate);
                                    } catch (CertificateException e3) {
                                        throw new morpho.etis.deviceauthenticator.exceptions.a(e3);
                                        break;
                                    }
                                } catch (morpho.etis.deviceauthenticator.exceptions.a e10) {
                                    arrayList2.add(e10);
                                }
                            }
                            if (j.isEmpty()) {
                                throw new morpho.etis.deviceauthenticator.exceptions.a("Could not find any valid root certificate: " + arrayList2);
                            }
                        } catch (IOException e11) {
                            throw new morpho.etis.deviceauthenticator.exceptions.a(e11);
                        }
                    } finally {
                        ma.b.a(null);
                    }
                }
            }
        }
        this.f36716a = context;
        this.f36724i = keyStore;
        String b12 = i0.b(str, "server");
        this.f36722g = b12;
        String b13 = i0.b(str, "device");
        this.f36721f = b13;
        ArrayList<String> arrayList3 = new ArrayList<>();
        this.f36723h = arrayList3;
        arrayList3.add(b13);
        arrayList3.add(b12);
    }

    public static void a(Certificate certificate, Certificate certificate2, String str) throws morpho.etis.deviceauthenticator.exceptions.a {
        if (!(certificate instanceof X509Certificate)) {
            throw new morpho.etis.deviceauthenticator.exceptions.a(str.concat(" unsupported format"));
        }
        PublicKey publicKey = certificate.getPublicKey();
        if (!(publicKey instanceof RSAPublicKey)) {
            throw new morpho.etis.deviceauthenticator.exceptions.a(str.concat(" key algorithm not supported"));
        }
        if (((((RSAPublicKey) publicKey).getModulus().bitLength() + 7) / 8) * 8 < 2048) {
            throw new morpho.etis.deviceauthenticator.exceptions.a(str.concat(" public key size too small"));
        }
        try {
            certificate.verify(certificate2.getPublicKey());
        } catch (Exception e3) {
            h.a(e3, Error.class);
            h.a(e3, RuntimeException.class);
            throw new morpho.etis.deviceauthenticator.exceptions.a(str.concat(" verification error"), e3);
        }
    }

    public static void b(Certificate certificate) throws morpho.etis.deviceauthenticator.exceptions.a {
        ArrayList arrayList = new ArrayList();
        int i11 = 0;
        while (true) {
            ArrayList arrayList2 = j;
            if (i11 > arrayList2.size() - 1) {
                throw new morpho.etis.deviceauthenticator.exceptions.a("no valid certificate found : " + arrayList);
            }
            try {
                a(certificate, (Certificate) arrayList2.get(i11), "Server certificate");
                return;
            } catch (morpho.etis.deviceauthenticator.exceptions.a e3) {
                arrayList.add(e3);
                i11++;
            }
        }
    }

    public static ArrayList g(Context context) throws IOException {
        ArrayList arrayList = new ArrayList();
        for (String str : context.getAssets().list("")) {
            if (str.equalsIgnoreCase("service.provider.root.ca.cer")) {
                arrayList.add(str);
            } else if (str.equalsIgnoreCase("sp-ca-certificates")) {
                for (String str2 : context.getAssets().list(str)) {
                    arrayList.add("sp-ca-certificates/" + str2);
                }
            }
        }
        return arrayList;
    }

    public abstract void c() throws morpho.etis.deviceauthenticator.exceptions.a;

    public abstract AlgorithmParameterSpec d();

    public abstract AlgorithmParameterSpec e(byte[] bArr);

    public abstract void f(boolean z3) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException;

    public final void h() throws morpho.etis.deviceauthenticator.exceptions.a {
        try {
            i(this.f36723h);
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e3) {
            throw new morpho.etis.deviceauthenticator.exceptions.a(e3);
        }
    }

    public void i(ArrayList arrayList) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, InvalidKeyException {
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            KeyStore keyStore = this.f36724i;
            if (!keyStore.containsAlias(str)) {
                throw new UnrecoverableEntryException(e.a("device authenticator content missing, corrupted data ? alias: ", str));
            }
            KeyStore.Entry entry = keyStore.getEntry(str, null);
            if (entry instanceof KeyStore.TrustedCertificateEntry) {
                this.f36720e = ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate();
            } else if (entry instanceof KeyStore.PrivateKeyEntry) {
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                this.f36717b = privateKeyEntry.getCertificate().getPublicKey();
                this.f36718c = privateKeyEntry.getPrivateKey();
            } else if (entry instanceof KeyStore.SecretKeyEntry) {
                this.f36719d = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
            }
        }
        if (this.f36717b == null || this.f36718c == null || this.f36720e == null) {
            throw new UnrecoverableEntryException("missing mandatory keystore element");
        }
    }

    public abstract void j() throws morpho.etis.deviceauthenticator.exceptions.a;

    public abstract void k(X509Certificate x509Certificate) throws morpho.etis.deviceauthenticator.exceptions.a;
}
