package net.i2p.crypto;

import java.io.Closeable;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Locale;
import net.i2p.I2PAppContext;
import net.i2p.data.Base32;
import net.i2p.util.SecureDirectory;
import net.i2p.util.SecureFileOutputStream;
import net.i2p.util.ShellCommand;
import net.i2p.util.SystemVersion;

/* loaded from: classes.dex */
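/**
 * Static helpers for loading, creating and populating {@link KeyStore}s,
 * importing X.509 certificates as trust anchors, and generating self-signed
 * key pairs by running the JRE's {@code keytool}.
 *
 * <p>This listing was recovered from decompiled bytecode; the stream handling
 * below is written as plain try/finally so every stream is closed on every
 * path and every method either returns or rethrows.
 */
public class KeyStoreUtil {
    /**
     * Password used for the system trust stores and as the store password of
     * the five-argument {@link #createKeys(File, String, String, String, String)}.
     * "changeit" is the publicly known JDK default, so it gives no
     * confidentiality: a keystore protected only by this value relies on file
     * permissions and on a separate, strong key password.
     */
    public static final String DEFAULT_KEYSTORE_PASSWORD = "changeit";
    private static final String DEFAULT_KEY_ALGORITHM = "RSA";
    private static final int DEFAULT_KEY_SIZE = 2048;
    private static final int DEFAULT_KEY_VALID_DAYS = 3652;

    // Numeric levels handed to the log manager. The decompiler inlined them;
    // presumably net.i2p.util.Log INFO / WARN / ERROR - confirm against that class.
    private static final int LOG_INFO = 20;
    private static final int LOG_WARN = 30;
    private static final int LOG_ERROR = 40;

    /** Options of the keytool command line whose following argument is a secret. */
    private static final String OPT_STOREPASS = "-storepass";
    private static final String OPT_KEYPASS = "-keypass";

    /** File-name suffixes stripped from a file name to form a keystore alias. */
    private static final String[] CERT_SUFFIXES = {
        ".crt", ".pem", ".key", ".der", ".p7b", ".p7c", ".pfx", ".p12"
    };

    /**
     * Reads one X.509 certificate from {@code file} and stores it in
     * {@code keyStore} as a trusted certificate entry under alias {@code alias}.
     *
     * <p>The only check made before trusting the certificate is its validity
     * period; no signature or chain is verified here. Anything readable from
     * {@code file} therefore becomes a trust anchor, so the file and its
     * directory must be writable only by trusted parties.
     *
     * @param file     certificate file to read
     * @param alias    alias to store the certificate under
     * @param keyStore an initialized keystore to add the entry to
     * @return {@code true} if the certificate was added; {@code false} if it
     *         could not be read, is expired, or is not yet valid
     */
    public static boolean addCert(File file, String alias, KeyStore keyStore) {
        FileInputStream in = null;
        try {
            in = new FileInputStream(file);
            CertificateFactory factory = CertificateFactory.getInstance("X.509");
            X509Certificate cert = (X509Certificate) factory.generateCertificate(in);
            info("Read X509 Certificate from " + file.getAbsolutePath() + " Issuer: " + cert.getIssuerX500Principal() + "; Valid From: " + cert.getNotBefore() + " To: " + cert.getNotAfter());
            try {
                cert.checkValidity();
            } catch (CertificateExpiredException cee) {
                String msg = "Rejecting expired X509 Certificate: " + file.getAbsolutePath();
                // Expired certificates are only a warning on Android, an error elsewhere.
                if (SystemVersion.isAndroid()) {
                    warn(msg, cee);
                } else {
                    error(msg, cee);
                }
                return false;
            } catch (CertificateNotYetValidException cnyve) {
                error("Rejecting X509 Certificate not yet valid: " + file.getAbsolutePath(), cnyve);
                return false;
            }
            keyStore.setCertificateEntry(alias, cert);
            info("Now trusting X509 Certificate, Issuer: " + cert.getIssuerX500Principal());
            return true;
        } catch (IOException ioe) {
            error("Error reading X509 Certificate: " + file.getAbsolutePath(), ioe);
            return false;
        } catch (IllegalArgumentException iae) {
            error("Error reading X509 Certificate: " + file.getAbsolutePath(), iae);
            return false;
        } catch (GeneralSecurityException gse) {
            error("Error reading X509 Certificate: " + file.getAbsolutePath(), gse);
            return false;
        } finally {
            closeQuietly(in);
        }
    }

    /**
     * Adds every regular file in {@code dir} to {@code keyStore} through
     * {@link #addCert(File, String, KeyStore)}. The alias is the lower-cased
     * file name with a recognized suffix (see {@code CERT_SUFFIXES}) removed.
     *
     * <p>Every file is attempted regardless of its suffix, and each is parsed
     * as a single X.509 certificate, so files in other formats are rejected by
     * {@code addCert} and logged. Not recursive.
     *
     * @param dir      directory to scan
     * @param keyStore an initialized keystore to add the entries to
     * @return the number of certificates added; 0 if {@code dir} is missing,
     *         is not a directory, or cannot be listed
     */
    public static int addCerts(File dir, KeyStore keyStore) {
        info("Looking for X509 Certificates in " + dir.getAbsolutePath());
        int added = 0;
        if (!dir.exists() || !dir.isDirectory()) {
            return added;
        }
        File[] files = dir.listFiles();
        if (files == null) {
            return added;
        }
        for (File candidate : files) {
            if (!candidate.isFile()) {
                continue;
            }
            String alias = stripCertSuffix(candidate.getName().toLowerCase(Locale.US));
            if (addCert(candidate, alias, keyStore)) {
                added++;
            }
        }
        return added;
    }

    /** Returns {@code name} without its trailing suffix if that suffix is in {@code CERT_SUFFIXES}. */
    private static String stripCertSuffix(String name) {
        for (String suffix : CERT_SUFFIXES) {
            if (name.endsWith(suffix)) {
                return name.substring(0, name.length() - suffix.length());
            }
        }
        return name;
    }

    /**
     * Counts the trusted-certificate entries in {@code keyStore}, logging each alias.
     *
     * @param keyStore keystore to inspect
     * @return the number of certificate entries seen; best effort, so a failure
     *         while enumerating yields the count reached so far (0 for a
     *         keystore that was never loaded)
     */
    public static int countCerts(KeyStore keyStore) {
        int count = 0;
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                if (keyStore.isCertificateEntry(alias)) {
                    info("Found cert " + alias);
                    count++;
                }
            }
        } catch (Exception ignored) {
            // Deliberately best effort: the count is informational only.
        }
        return count;
    }

    /**
     * Loads the keystore in {@code ksFile} if the file exists, otherwise
     * creates an empty keystore and writes it to {@code ksFile}.
     *
     * @param ksFile   keystore file, or {@code null} to get a keystore object
     *                 that is neither loaded nor stored
     * @param password store password, may be {@code null}
     * @return the keystore; not yet initialized when {@code ksFile} is {@code null}
     * @throws GeneralSecurityException if the keystore cannot be loaded or stored
     * @throws IOException              if the file cannot be read or written
     */
    public static KeyStore createKeyStore(File ksFile, String password) throws GeneralSecurityException, IOException {
        boolean exists = ksFile != null && ksFile.exists();
        char[] pwChars = password != null ? password.toCharArray() : null;
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        if (exists) {
            FileInputStream in = null;
            try {
                in = new FileInputStream(ksFile);
                keyStore.load(in, pwChars);
            } finally {
                closeQuietly(in);
            }
        } else if (ksFile != null) {
            // KeyStore.store() throws KeyStoreException on a keystore that was
            // never loaded, so initialize it as empty before opening the file.
            keyStore.load(null, pwChars);
            SecureFileOutputStream out = null;
            try {
                out = new SecureFileOutputStream(ksFile);
                keyStore.store(out, pwChars);
            } finally {
                closeQuietly(out);
            }
        }
        return keyStore;
    }

    /**
     * Generates a self-signed key pair with the default store password,
     * validity, algorithm and key size.
     *
     * @param ksFile keystore file; created if missing
     * @param alias  alias of the new key entry
     * @param cname  value placed in the CN of the subject
     * @param ou     value placed in the OU of the subject
     * @param keyPW  password protecting the private key
     * @return {@code true} if the key was generated and can be read back
     */
    public static boolean createKeys(File ksFile, String alias, String cname, String ou, String keyPW) {
        return createKeys(ksFile, DEFAULT_KEYSTORE_PASSWORD, alias, cname, ou, DEFAULT_KEY_VALID_DAYS, DEFAULT_KEY_ALGORITHM, DEFAULT_KEY_SIZE, keyPW);
    }

    /**
     * Generates a self-signed key pair in {@code ksFile} by running
     * {@code keytool -genkey} from {@code java.home}, then verifies the private
     * key can be read back. An existing entry with the same alias is never
     * overwritten.
     *
     * <p>Security notes for callers:
     * <ul>
     * <li>{@code ksPW} and {@code keyPW} are passed to keytool as process
     *     arguments, so they may be visible to other local users through the
     *     process table while keytool runs.</li>
     * <li>{@code cname} and {@code ou} are concatenated into the {@code -dname}
     *     value without escaping; a comma or other DN metacharacter in them
     *     changes the resulting subject. Pass only vetted values.</li>
     * </ul>
     *
     * @param ksFile    keystore file; its parent directory is created if missing
     * @param ksPW      store password
     * @param alias     alias of the new key entry
     * @param cname     value placed in the CN of the subject
     * @param ou        value placed in the OU of the subject
     * @param validDays certificate validity in days
     * @param keyAlg    key algorithm name passed to {@code -keyalg}
     * @param keySize   key size in bits
     * @param keyPW     password protecting the private key
     * @return {@code true} if the key was generated and can be read back
     */
    public static boolean createKeys(File ksFile, String ksPW, String alias, String cname, String ou, int validDays, String keyAlg, int keySize, String keyPW) {
        if (ksFile.exists()) {
            try {
                if (getCert(ksFile, ksPW, alias) != null) {
                    error("Not overwriting key " + alias + ", already exists in " + ksFile, null);
                    return false;
                }
            } catch (Exception e) {
                // An unreadable keystore (for example a wrong password) is treated like an existing key.
                error("Not overwriting key \"" + alias + "\", already exists in " + ksFile, e);
                return false;
            }
        } else {
            File dir = ksFile.getParentFile();
            if (dir != null && !dir.exists() && !new SecureDirectory(dir.getAbsolutePath()).mkdir()) {
                error("Can't create directory " + dir, null);
                return false;
            }
        }
        String keytool = new File(System.getProperty("java.home"), "bin/keytool").getAbsolutePath();
        // Passed as an argument array, not a shell string, so no shell quoting is involved.
        String[] args = {
            keytool,
            "-genkey",
            "-storetype", KeyStore.getDefaultType(),
            "-keystore", ksFile.getAbsolutePath(),
            OPT_STOREPASS, ksPW,
            "-alias", alias,
            "-dname", "CN=" + cname + ",OU=" + ou + ",O=I2P Anonymous Network,L=XX,ST=XX,C=XX",
            "-validity", Integer.toString(validDays),
            "-keyalg", keyAlg,
            "-sigalg", getSigAlg(keySize, keyAlg),
            "-keysize", Integer.toString(keySize),
            OPT_KEYPASS, keyPW
        };
        boolean success = new ShellCommand().executeSilentAndWaitTimed(args, 240);
        if (success) {
            success = ksFile.exists();
            if (success) {
                try {
                    success = getPrivateKey(ksFile, ksPW, alias, keyPW) != null;
                    if (!success) {
                        error("Key gen failed to get private key", null);
                    }
                } catch (Exception e) {
                    error("Key gen failed to get private key", e);
                    success = false;
                }
            }
            if (!success) {
                error("Key gen failed for unknown reasons", null);
            }
        }
        if (success) {
            SecureFileOutputStream.setPerms(ksFile);
            info("Created self-signed certificate for " + cname + " in keystore: " + ksFile.getAbsolutePath());
            return true;
        }
        // The command line is logged for diagnosis, but never with the passwords:
        // error() also prints to stdout outside a router context.
        error("Failed to generate keys using command line: " + describeCommand(args), null);
        return false;
    }

    /**
     * Renders a keytool argument list for logging, each argument in double
     * quotes, with the values of {@code -storepass} and {@code -keypass}
     * replaced by a placeholder.
     */
    private static String describeCommand(String[] args) {
        StringBuilder buf = new StringBuilder(256);
        boolean secretNext = false;
        for (String arg : args) {
            boolean redact = secretNext;
            buf.append('"').append(redact ? "<redacted>" : arg).append("\" ");
            // A redacted value is never itself interpreted as an option name.
            secretNext = !redact && (OPT_STOREPASS.equals(arg) || OPT_KEYPASS.equals(arg));
        }
        return buf.toString();
    }

    /** Closes {@code c} if non-null, ignoring any failure to close. */
    private static void closeQuietly(Closeable c) {
        if (c == null) {
            return;
        }
        try {
            c.close();
        } catch (IOException ignored) {
            // Nothing useful can be done if close fails.
        }
    }

    private static void error(String msg, Throwable t) {
        log(I2PAppContext.getGlobalContext(), LOG_ERROR, msg, t);
    }

    /**
     * Writes the certificate stored under {@code alias} to {@code certFile}
     * using {@code CertUtil.saveCert}.
     *
     * @param ksFile   keystore file to read
     * @param ksPW     store password, may be {@code null}
     * @param alias    alias of the entry to export
     * @param certFile destination file
     * @return {@code true} if the certificate was found and saved
     */
    public static boolean exportCert(File ksFile, String ksPW, String alias, File certFile) {
        try {
            Certificate cert = getCert(ksFile, ksPW, alias);
            if (cert != null) {
                return CertUtil.saveCert(cert, certFile);
            }
        } catch (IOException ioe) {
            error("Error saving ASCII SSL keys", ioe);
        } catch (GeneralSecurityException gse) {
            error("Error saving ASCII SSL keys", gse);
        }
        return false;
    }

    /**
     * Loads the keystore in {@code ksFile} and returns the certificate stored
     * under {@code alias}.
     *
     * @param ksFile keystore file to read
     * @param ksPW   store password, may be {@code null}
     * @param alias  alias to look up
     * @return the certificate, or {@code null} if the alias has none
     * @throws GeneralSecurityException if the keystore cannot be loaded
     * @throws IOException              if the file cannot be read
     */
    public static Certificate getCert(File ksFile, String ksPW, String alias) throws GeneralSecurityException, IOException {
        FileInputStream in = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            in = new FileInputStream(ksFile);
            keyStore.load(in, ksPW != null ? ksPW.toCharArray() : null);
            return keyStore.getCertificate(alias);
        } finally {
            closeQuietly(in);
        }
    }

    /**
     * Loads the keystore in {@code ksFile} and returns the private key stored
     * under {@code alias}.
     *
     * @param ksFile keystore file to read
     * @param ksPW   store password, may be {@code null}
     * @param alias  alias to look up
     * @param keyPW  password protecting the key; {@code null} is passed through
     *               to the keystore rather than failing with a
     *               {@code NullPointerException} here
     * @return the private key, or {@code null} if the alias has no key
     * @throws GeneralSecurityException if the keystore cannot be loaded or the
     *                                  key cannot be recovered
     * @throws IOException              if the file cannot be read
     */
    public static PrivateKey getPrivateKey(File ksFile, String ksPW, String alias, String keyPW) throws GeneralSecurityException, IOException {
        FileInputStream in = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            in = new FileInputStream(ksFile);
            keyStore.load(in, ksPW != null ? ksPW.toCharArray() : null);
            char[] keyChars = keyPW != null ? keyPW.toCharArray() : null;
            return (PrivateKey) keyStore.getKey(alias, keyChars);
        } finally {
            closeQuietly(in);
        }
    }

    /**
     * Chooses the {@code -sigalg} value for keytool from the key size and
     * algorithm: the digest grows with the key size and "EC" is spelled "ECDSA".
     *
     * <p>NOTE(review): keys of 1024 bits or fewer that are not EC get a SHA-1
     * signature. SHA-1 is not collision resistant; callers that care should
     * request a key size above 1024.
     */
    private static String getSigAlg(int keySize, String keyAlg) {
        String sigName = keyAlg.equals("EC") ? "ECDSA" : keyAlg;
        String digest;
        if (sigName.equals("ECDSA")) {
            if (keySize <= 256) {
                digest = "SHA256";
            } else if (keySize <= 384) {
                digest = "SHA384";
            } else {
                digest = "SHA512";
            }
        } else if (keySize <= 1024) {
            digest = "SHA1";
        } else if (keySize <= 2048) {
            digest = "SHA256";
        } else if (keySize <= 3072) {
            digest = "SHA384";
        } else {
            digest = "SHA512";
        }
        return digest + "with" + sigName;
    }

    private static void info(String msg) {
        log(I2PAppContext.getGlobalContext(), LOG_INFO, msg, null);
    }

    /**
     * Loads {@code file} into {@code keyStore} with the default password.
     * On a load failure the keystore is re-initialized as empty so later
     * additions still work.
     *
     * @return {@code true} if the file existed and was loaded
     */
    private static boolean loadCerts(File file, KeyStore keyStore) {
        if (!file.exists()) {
            return false;
        }
        FileInputStream in = null;
        try {
            in = new FileInputStream(file);
            keyStore.load(in, DEFAULT_KEYSTORE_PASSWORD.toCharArray());
            info("Certs loaded from " + file);
            return true;
        } catch (IOException ioe) {
            resetAfterLoadFailure(file, keyStore, ioe);
            return false;
        } catch (GeneralSecurityException gse) {
            resetAfterLoadFailure(file, keyStore, gse);
            return false;
        } finally {
            closeQuietly(in);
        }
    }

    /** Logs a failed keystore load and leaves {@code keyStore} initialized but empty. */
    private static void resetAfterLoadFailure(File file, KeyStore keyStore, Exception cause) {
        error("KeyStore load error, no default keys: " + file.getAbsolutePath(), cause);
        try {
            keyStore.load(null, DEFAULT_KEYSTORE_PASSWORD.toCharArray());
        } catch (Exception ignored) {
            // Best effort; the caller already reports the load as failed.
        }
    }

    /**
     * Loads the platform's default trust store.
     *
     * <p>Search order: the file named by the {@code javax.net.ssl.keyStore}
     * system property; then, off Android, {@code lib/security/jssecacerts} and
     * {@code lib/security/cacerts} under {@code java.home}; on Android version
     * 14 or later, the individual certificate files in
     * {@code etc/security/cacerts}; on older Android,
     * {@code etc/security/cacerts.bks}.
     *
     * <p>Whoever controls that system property or those paths controls the
     * trust anchors returned here. If every source fails the result is an
     * empty keystore, which is logged as an error.
     *
     * @return the keystore, possibly empty; {@code null} only if the keystore
     *         type itself cannot be instantiated
     */
    public static KeyStore loadSystemKeyStore() {
        KeyStore keyStore;
        try {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        } catch (GeneralSecurityException gse) {
            error("Key Store init error", gse);
            return null;
        }
        boolean loaded = false;
        String override = System.getProperty("javax.net.ssl.keyStore");
        if (override != null) {
            loaded = loadCerts(new File(override), keyStore);
        }
        if (!loaded) {
            String javaHome = System.getProperty("java.home");
            if (!SystemVersion.isAndroid()) {
                loaded = loadCerts(new File(javaHome, "lib/security/jssecacerts"), keyStore);
                if (!loaded) {
                    loaded = loadCerts(new File(javaHome, "lib/security/cacerts"), keyStore);
                }
            } else if (SystemVersion.getAndroidVersion() >= 14) {
                try {
                    // The keystore must be initialized before entries can be added.
                    keyStore.load(null, DEFAULT_KEYSTORE_PASSWORD.toCharArray());
                    loaded = addCerts(new File(javaHome, "etc/security/cacerts"), keyStore) > 0;
                } catch (Exception ignored) {
                    // Falls through to the "all loads failed" handling below.
                }
            } else {
                loaded = loadCerts(new File(javaHome, "etc/security/cacerts.bks"), keyStore);
            }
        }
        if (loaded) {
            return keyStore;
        }
        try {
            keyStore.load(null, DEFAULT_KEYSTORE_PASSWORD.toCharArray());
        } catch (Exception ignored) {
            // Best effort; the failure is reported on the next line either way.
        }
        error("All key store loads failed, will only load local certificates", null);
        return keyStore;
    }

    /**
     * Sends a message to the context's log manager. Messages at warning level
     * or above are also printed to stdout, with the stack trace, when the
     * context is not a router context.
     */
    private static void log(I2PAppContext ctx, int level, String msg, Throwable t) {
        if (level >= LOG_WARN && !ctx.isRouterContext()) {
            System.out.println(msg);
            if (t != null) {
                t.printStackTrace();
            }
        }
        ctx.logManager().getLog(KeyStoreUtil.class).log(level, msg, t);
    }

    /**
     * With one argument, creates an empty keystore at that path using the
     * default password; with none, loads the system keystore and prints the
     * number of certificates found.
     */
    public static void main(String[] args) {
        try {
            if (args.length > 0) {
                File ksFile = new File(args[0]);
                createKeyStore(ksFile, DEFAULT_KEYSTORE_PASSWORD);
                System.out.println("Created empty keystore " + ksFile);
                return;
            }
            KeyStore system = loadSystemKeyStore();
            if (system != null) {
                System.out.println("Loaded system keystore");
                System.out.println("Found " + countCerts(system) + " certs");
            } else {
                System.out.println("FAIL");
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Returns 30 bytes (240 bits) from the global context's random source,
     * Base32 encoded.
     *
     * <p>NOTE(review): whether this is suitable as a password depends on
     * {@code I2PAppContext.random()} being a cryptographically strong
     * generator - confirm against that class.
     */
    public static String randomString() {
        byte[] raw = new byte[30];
        I2PAppContext.getGlobalContext().random().nextBytes(raw);
        return Base32.encode(raw);
    }

    private static void warn(String msg, Throwable t) {
        log(I2PAppContext.getGlobalContext(), LOG_WARN, msg, t);
    }
}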
