package androidx.security.identity;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.AtomicFile;
import android.util.Log;
import android.util.Pair;
import androidx.security.identity.i;
import co.nstant.in.cbor.CborException;
import co.nstant.in.cbor.h.u;
import co.nstant.in.cbor.h.v;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.ByteBuffer;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.AbstractList;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: CredentialData.java */
/* loaded from: classes.dex */
public class c {
    private static final String n = "CredentialData";
    private Context a;
    private String b;

    /* renamed from: l, reason: collision with root package name */
    private AbstractMap<Integer, String> f1050l;
    private String c = "";
    private String d = "";
    private Collection<X509Certificate> e = null;

    /* renamed from: f, reason: collision with root package name */
    private AbstractList<androidx.security.identity.a> f1044f = new ArrayList();

    /* renamed from: g, reason: collision with root package name */
    private AbstractMap<Integer, androidx.security.identity.a> f1045g = new HashMap();

    /* renamed from: h, reason: collision with root package name */
    private AbstractList<i.c> f1046h = new ArrayList();

    /* renamed from: i, reason: collision with root package name */
    private int f1047i = 0;

    /* renamed from: j, reason: collision with root package name */
    private int f1048j = 1;

    /* renamed from: k, reason: collision with root package name */
    private String f1049k = "";

    /* renamed from: m, reason: collision with root package name */
    private AbstractList<a> f1051m = new ArrayList();

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: CredentialData.java */
    /* loaded from: classes.dex */
    public static class a {
        String a = "";
        byte[] b = new byte[0];
        byte[] c = new byte[0];
        int d = 0;
        String e = "";

        /* renamed from: f, reason: collision with root package name */
        byte[] f1052f = new byte[0];

        a() {
        }
    }

    private c(Context context, String str) {
        this.a = context;
        this.b = str;
    }

    private void A(co.nstant.in.cbor.h.k kVar) {
        co.nstant.in.cbor.h.f j2 = kVar.j(new u("accessControlProfiles"));
        if (!(j2 instanceof co.nstant.in.cbor.h.c)) {
            throw new RuntimeException("accessControlProfiles not found or not array");
        }
        this.f1044f = new ArrayList();
        this.f1045g = new HashMap();
        Iterator<co.nstant.in.cbor.h.f> it = ((co.nstant.in.cbor.h.c) j2).k().iterator();
        while (it.hasNext()) {
            androidx.security.identity.a a2 = o.a(it.next());
            this.f1044f.add(a2);
            this.f1045g.put(Integer.valueOf(a2.a().a()), a2);
        }
    }

    private void B(co.nstant.in.cbor.h.k kVar) {
        this.f1049k = ((u) kVar.j(new u("perReaderSessionKeyAlias"))).j();
        co.nstant.in.cbor.h.f j2 = kVar.j(new u("acpTimeoutKeyMap"));
        if (!(j2 instanceof co.nstant.in.cbor.h.k)) {
            throw new RuntimeException("acpTimeoutKeyMap not found or not map");
        }
        this.f1050l = new HashMap();
        co.nstant.in.cbor.h.k kVar2 = (co.nstant.in.cbor.h.k) j2;
        for (co.nstant.in.cbor.h.f fVar : kVar2.k()) {
            if (!(fVar instanceof v)) {
                throw new RuntimeException("Key in acpTimeoutKeyMap is not an integer");
            }
            int intValue = ((v) fVar).h().intValue();
            co.nstant.in.cbor.h.f j3 = kVar2.j(fVar);
            if (!(j3 instanceof u)) {
                throw new RuntimeException("Item in acpTimeoutKeyMap is not a string");
            }
            this.f1050l.put(Integer.valueOf(intValue), ((u) j3).j());
        }
        this.f1047i = ((co.nstant.in.cbor.h.m) kVar.j(new u("authKeyCount"))).h().intValue();
        this.f1048j = ((co.nstant.in.cbor.h.m) kVar.j(new u("authKeyMaxUses"))).h().intValue();
        co.nstant.in.cbor.h.f j4 = kVar.j(new u("authKeyDatas"));
        if (!(j4 instanceof co.nstant.in.cbor.h.c)) {
            throw new RuntimeException("authKeyDatas not found or not array");
        }
        this.f1051m = new ArrayList();
        for (co.nstant.in.cbor.h.f fVar2 : ((co.nstant.in.cbor.h.c) j4).k()) {
            a aVar = new a();
            co.nstant.in.cbor.h.k kVar3 = (co.nstant.in.cbor.h.k) fVar2;
            aVar.a = ((u) kVar3.j(new u("alias"))).j();
            aVar.d = ((co.nstant.in.cbor.h.m) kVar3.j(new u("useCount"))).h().intValue();
            aVar.b = ((co.nstant.in.cbor.h.d) kVar3.j(new u("certificate"))).j();
            aVar.c = ((co.nstant.in.cbor.h.d) kVar3.j(new u("staticAuthenticationData"))).j();
            aVar.e = ((u) kVar3.j(new u("pendingAlias"))).j();
            aVar.f1052f = ((co.nstant.in.cbor.h.d) kVar3.j(new u("pendingCertificate"))).j();
            this.f1051m.add(aVar);
        }
    }

    private void C(co.nstant.in.cbor.h.k kVar) {
        this.c = ((u) kVar.j(new u("docType"))).j();
        this.d = ((u) kVar.j(new u("credentialKeyAlias"))).j();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static c D(Context context, String str) {
        c cVar = new c(context, str);
        if (cVar.F(v(str))) {
            return cVar;
        }
        return null;
    }

    private void E(co.nstant.in.cbor.h.k kVar) {
        co.nstant.in.cbor.h.f j2 = kVar.j(new u("credentialKeyCertChain"));
        if (!(j2 instanceof co.nstant.in.cbor.h.c)) {
            throw new RuntimeException("credentialKeyCertChain not found or not array");
        }
        this.e = new ArrayList();
        Iterator<co.nstant.in.cbor.h.f> it = ((co.nstant.in.cbor.h.c) j2).k().iterator();
        while (it.hasNext()) {
            byte[] j3 = ((co.nstant.in.cbor.h.d) it.next()).j();
            try {
                this.e.add((X509Certificate) CertificateFactory.getInstance(org.acra.a.f8177l).generateCertificate(new ByteArrayInputStream(j3)));
            } catch (CertificateException e) {
                throw new RuntimeException("Error decoding certificate blob", e);
            }
        }
    }

    private boolean F(String str) {
        try {
            try {
                List<co.nstant.in.cbor.h.f> a2 = new co.nstant.in.cbor.b(new ByteArrayInputStream(G(str, new AtomicFile(this.a.getFileStreamPath(x(this.b))).readFully()))).a();
                if (a2.size() != 1) {
                    throw new RuntimeException("Expected 1 item, found " + a2.size());
                }
                if (!(a2.get(0) instanceof co.nstant.in.cbor.h.k)) {
                    throw new RuntimeException("Item is not a map");
                }
                co.nstant.in.cbor.h.k kVar = (co.nstant.in.cbor.h.k) a2.get(0);
                C(kVar);
                E(kVar);
                A(kVar);
                H(kVar);
                B(kVar);
                return true;
            } catch (CborException e) {
                throw new RuntimeException("Error decoding data", e);
            }
        } catch (Exception unused) {
            return false;
        }
    }

    private byte[] G(String str, byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
            keyStore.load(null);
            SecretKey secretKey = ((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey();
            if (bArr.length < 12) {
                throw new RuntimeException("Encrypted CBOR on disk is too small");
            }
            ByteBuffer wrap = ByteBuffer.wrap(bArr);
            byte[] bArr2 = new byte[12];
            wrap.get(bArr2);
            byte[] bArr3 = new byte[bArr.length - 12];
            wrap.get(bArr3);
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, secretKey, new GCMParameterSpec(128, bArr2));
            return cipher.doFinal(bArr3);
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new RuntimeException("Error decrypting CBOR", e);
        }
    }

    private void H(co.nstant.in.cbor.h.k kVar) {
        co.nstant.in.cbor.h.f j2 = kVar.j(new u("namespaceDatas"));
        if (!(j2 instanceof co.nstant.in.cbor.h.k)) {
            throw new RuntimeException("namespaceDatas not found or not map");
        }
        this.f1046h = new ArrayList();
        co.nstant.in.cbor.h.k kVar2 = (co.nstant.in.cbor.h.k) j2;
        for (co.nstant.in.cbor.h.f fVar : kVar2.k()) {
            if (!(fVar instanceof u)) {
                throw new RuntimeException("Key in namespaceDatas is not a string");
            }
            this.f1046h.add(o.C(((u) fVar).j(), kVar2.j(fVar)));
        }
    }

    private void J() {
        FileOutputStream fileOutputStream;
        co.nstant.in.cbor.a aVar = new co.nstant.in.cbor.a();
        co.nstant.in.cbor.e.d<co.nstant.in.cbor.a> w = aVar.w();
        N(w);
        L(w);
        K(w);
        Q(w);
        M(w);
        byte[] P = P(O(aVar));
        AtomicFile atomicFile = new AtomicFile(this.a.getFileStreamPath(x(this.b)));
        try {
            fileOutputStream = atomicFile.startWrite();
        } catch (IOException e) {
            e = e;
            fileOutputStream = null;
        }
        try {
            fileOutputStream.write(P);
            fileOutputStream.close();
            atomicFile.finishWrite(fileOutputStream);
        } catch (IOException e2) {
            e = e2;
            if (fileOutputStream != null) {
                atomicFile.failWrite(fileOutputStream);
            }
            throw new RuntimeException("Error writing data", e);
        }
    }

    private void K(co.nstant.in.cbor.e.d<co.nstant.in.cbor.a> dVar) {
        co.nstant.in.cbor.e.b<co.nstant.in.cbor.e.d<co.nstant.in.cbor.a>> D = dVar.D("accessControlProfiles");
        Iterator<androidx.security.identity.a> it = this.f1044f.iterator();
        while (it.hasNext()) {
            D.q(o.b(it.next()));
        }
    }

    private void L(co.nstant.in.cbor.e.d<co.nstant.in.cbor.a> dVar) {
        co.nstant.in.cbor.e.b<co.nstant.in.cbor.e.d<co.nstant.in.cbor.a>> D = dVar.D("authKeyDatas");
        Iterator<a> it = this.f1051m.iterator();
        while (it.hasNext()) {
            a next = it.next();
            D.v().y("alias", next.a).x("useCount", next.d).A("certificate", next.b).A("staticAuthenticationData", next.c).y("pendingAlias", next.e).A("pendingCertificate", next.f1052f).n();
        }
    }

    private void M(co.nstant.in.cbor.e.d<co.nstant.in.cbor.a> dVar) {
        dVar.y("perReaderSessionKeyAlias", this.f1049k);
        co.nstant.in.cbor.e.d<co.nstant.in.cbor.e.d<co.nstant.in.cbor.a>> G = dVar.G("acpTimeoutKeyMap");
        Iterator<Map.Entry<Integer, String>> it = this.f1050l.entrySet().iterator();
        while (it.hasNext()) {
            G.u(new v(r1.getKey().intValue()), new u(it.next().getValue()));
        }
    }

    private void N(co.nstant.in.cbor.e.d<co.nstant.in.cbor.a> dVar) {
        dVar.y("docType", this.c);
        dVar.y("credentialKeyAlias", this.d);
        co.nstant.in.cbor.e.b<co.nstant.in.cbor.e.d<co.nstant.in.cbor.a>> D = dVar.D("credentialKeyCertChain");
        Iterator<X509Certificate> it = this.e.iterator();
        while (it.hasNext()) {
            try {
                D.t(it.next().getEncoded());
            } catch (CertificateEncodingException e) {
                throw new RuntimeException("Error encoding certificate", e);
            }
        }
        dVar.x("authKeyCount", this.f1047i);
        dVar.x("authKeyMaxUses", this.f1048j);
    }

    private byte[] O(co.nstant.in.cbor.a aVar) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            new co.nstant.in.cbor.c(byteArrayOutputStream).b(aVar.y());
            return byteArrayOutputStream.toByteArray();
        } catch (CborException e) {
            throw new RuntimeException("Error encoding data", e);
        }
    }

    private byte[] P(byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
            keyStore.load(null);
            SecretKey secretKey = ((KeyStore.SecretKeyEntry) keyStore.getEntry(v(this.b), null)).getSecretKey();
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, secretKey);
            byte[] doFinal = cipher.doFinal(bArr);
            ByteBuffer allocate = ByteBuffer.allocate(doFinal.length + 12);
            allocate.put(cipher.getIV());
            allocate.put(doFinal);
            return allocate.array();
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new RuntimeException("Error encrypting CBOR for saving to disk", e);
        }
    }

    private void Q(co.nstant.in.cbor.e.d<co.nstant.in.cbor.a> dVar) {
        co.nstant.in.cbor.e.d<co.nstant.in.cbor.e.d<co.nstant.in.cbor.a>> G = dVar.G("namespaceDatas");
        Iterator<i.c> it = this.f1046h.iterator();
        while (it.hasNext()) {
            i.c next = it.next();
            G.u(new u(next.d()), o.D(next));
        }
    }

    static byte[] a(String str, PrivateKey privateKey) {
        co.nstant.in.cbor.a aVar = new co.nstant.in.cbor.a();
        aVar.v().r("ProofOfDeletion").r(str).s(false);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new co.nstant.in.cbor.c(byteArrayOutputStream).a(aVar.y().get(0));
            return o.w(privateKey, byteArrayOutputStream.toByteArray(), null, null);
        } catch (CborException | InvalidKeyException | NoSuchAlgorithmException | CertificateEncodingException e) {
            throw new RuntimeException("Error building ProofOfDeletion", e);
        }
    }

    private boolean c(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
            keyStore.load(null);
            SecretKey secretKey = ((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey();
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, secretKey);
            cipher.doFinal(new byte[]{1, 2});
            return true;
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static c d(Context context, String str, String str2, String str3, Collection<X509Certificate> collection, i iVar) {
        if (f(context, str2)) {
            throw new RuntimeException("Credential with given name already exists");
        }
        c cVar = new c(context, str2);
        cVar.c = str;
        cVar.d = str3;
        cVar.e = collection;
        cVar.f1044f = new ArrayList();
        cVar.f1045g = new HashMap();
        for (androidx.security.identity.a aVar : iVar.a()) {
            cVar.f1044f.add(aVar);
            cVar.f1045g.put(Integer.valueOf(aVar.a().a()), aVar);
        }
        ArrayList arrayList = new ArrayList();
        cVar.f1046h = arrayList;
        arrayList.addAll(iVar.c());
        cVar.f1050l = new HashMap();
        for (androidx.security.identity.a aVar2 : iVar.a()) {
            boolean d = aVar2.d();
            long c = aVar2.c();
            if (d) {
                i(str2, cVar);
                h(str2, cVar, aVar2, c);
            }
        }
        cVar.e();
        cVar.J();
        return cVar;
    }

    private void e() {
        try {
            String v = v(this.b);
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", com.splashtop.remote.h5.g.b);
            keyGenerator.init(new KeyGenParameterSpec.Builder(v, 3).setBlockModes(h.c.a.b.e.a.i0).setEncryptionPaddings("NoPadding").setKeySize(128).build());
            keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new RuntimeException("Error creating data encryption key", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean f(Context context, String str) {
        try {
            new AtomicFile(context.getFileStreamPath(x(str))).openRead();
            return true;
        } catch (FileNotFoundException unused) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] g(Context context, String str) {
        c cVar;
        AtomicFile atomicFile = new AtomicFile(context.getFileStreamPath(x(str)));
        try {
            atomicFile.openRead();
            cVar = new c(context, str);
        } catch (FileNotFoundException unused) {
        }
        try {
            cVar.F(v(str));
            try {
                KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
                keyStore.load(null);
                byte[] a2 = a(cVar.c, ((KeyStore.PrivateKeyEntry) keyStore.getEntry(cVar.d, null)).getPrivateKey());
                atomicFile.delete();
                try {
                    keyStore.deleteEntry(cVar.d);
                    if (!cVar.f1049k.isEmpty()) {
                        keyStore.deleteEntry(cVar.f1049k);
                    }
                    Iterator<String> it = cVar.f1050l.values().iterator();
                    while (it.hasNext()) {
                        keyStore.deleteEntry(it.next());
                    }
                    Iterator<a> it2 = cVar.f1051m.iterator();
                    while (it2.hasNext()) {
                        a next = it2.next();
                        if (!next.a.isEmpty()) {
                            keyStore.deleteEntry(next.a);
                        }
                        if (!next.e.isEmpty()) {
                            keyStore.deleteEntry(next.e);
                        }
                    }
                    return a2;
                } catch (KeyStoreException e) {
                    throw new RuntimeException("Error deleting key", e);
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e2) {
                throw new RuntimeException("Error loading keystore", e2);
            }
        } catch (RuntimeException unused2) {
            Log.e(n, "Error parsing file on disk (old version?). Deleting anyway.");
            atomicFile.delete();
            return null;
        }
    }

    private static void h(String str, c cVar, androidx.security.identity.a aVar, long j2) {
        if (j2 > 0) {
            int a2 = aVar.a().a();
            String n2 = n(str, a2);
            try {
                int i2 = (int) (j2 / 1000);
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", com.splashtop.remote.h5.g.b);
                keyGenerator.init(new KeyGenParameterSpec.Builder(n2, 3).setBlockModes(h.c.a.b.e.a.i0).setEncryptionPaddings("NoPadding").setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(i2).setKeySize(128).build());
                keyGenerator.generateKey();
                cVar.f1050l.put(Integer.valueOf(a2), n2);
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                throw new RuntimeException("Error creating ACP auth-bound timeout key", e);
            }
        }
    }

    private static void i(String str, c cVar) {
        if (cVar.f1049k.isEmpty()) {
            cVar.f1049k = m(str);
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", com.splashtop.remote.h5.g.b);
                keyGenerator.init(new KeyGenParameterSpec.Builder(cVar.f1049k, 3).setBlockModes(h.c.a.b.e.a.i0).setEncryptionPaddings("NoPadding").setKeySize(128).setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(-1).build());
                keyGenerator.generateKey();
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                throw new RuntimeException("Error creating ACP auth-bound key", e);
            }
        }
    }

    static String j(String str, String str2) {
        try {
            return "identity_credential_" + str + "_" + URLEncoder.encode(str2, org.acra.a.n);
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("Unexpected UnsupportedEncodingException", e);
        }
    }

    static String m(String str) {
        return j("acp", str);
    }

    static String n(String str, int i2) {
        return j("acp_timeout_for_id" + i2, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String o(String str) {
        return j("credkey", str);
    }

    static String v(String str) {
        return j("datakey", str);
    }

    static String x(String str) {
        return j("data", str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public i.c I(String str) {
        Iterator<i.c> it = this.f1046h.iterator();
        while (it.hasNext()) {
            i.c next = it.next();
            if (next.d().equals(str)) {
                return next;
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Pair<PrivateKey, byte[]> R(boolean z) throws NoAuthenticationKeyAvailableException {
        a aVar = null;
        for (int i2 = 0; i2 < this.f1047i; i2++) {
            a aVar2 = this.f1051m.get(i2);
            if (!aVar2.a.isEmpty() && (aVar == null || aVar2.d < aVar.d)) {
                aVar = aVar2;
            }
        }
        if (aVar == null) {
            return null;
        }
        if (aVar.d >= this.f1048j && !z) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
            keyStore.load(null);
            Pair<PrivateKey, byte[]> pair = new Pair<>(((KeyStore.PrivateKeyEntry) keyStore.getEntry(aVar.a, null)).getPrivateKey(), aVar.c);
            aVar.d++;
            J();
            return pair;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            throw new RuntimeException("Error loading keystore", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void S(int i2, int i3) {
        int i4 = this.f1047i;
        this.f1047i = i2;
        this.f1048j = i3;
        if (i4 < i2) {
            while (i4 < this.f1047i) {
                this.f1051m.add(new a());
                i4++;
            }
        } else if (i4 > i2) {
            try {
                KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
                keyStore.load(null);
                int i5 = i4 - this.f1047i;
                for (int i6 = 0; i6 < i5; i6++) {
                    a aVar = this.f1051m.get(0);
                    if (!aVar.a.isEmpty()) {
                        try {
                            if (keyStore.containsAlias(aVar.a)) {
                                keyStore.deleteEntry(aVar.a);
                            }
                        } catch (KeyStoreException e) {
                            throw new RuntimeException("Error deleting auth key with mAlias " + aVar.a, e);
                        }
                    }
                    if (!aVar.e.isEmpty()) {
                        try {
                            if (keyStore.containsAlias(aVar.e)) {
                                keyStore.deleteEntry(aVar.e);
                            }
                        } catch (KeyStoreException e2) {
                            throw new RuntimeException("Error deleting auth key with mPendingAlias " + aVar.e, e2);
                        }
                    }
                    this.f1051m.remove(0);
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
                throw new RuntimeException("Error loading keystore", e3);
            }
        }
        J();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void T(X509Certificate x509Certificate, byte[] bArr) throws UnknownAuthenticationKeyException {
        a aVar;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance(org.acra.a.f8177l);
            Iterator<a> it = this.f1051m.iterator();
            while (true) {
                if (!it.hasNext()) {
                    aVar = null;
                    break;
                }
                aVar = it.next();
                if (aVar.f1052f.length > 0 && ((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(aVar.f1052f))).equals(x509Certificate)) {
                    break;
                }
            }
            if (aVar == null) {
                throw new UnknownAuthenticationKeyException("No such authentication key");
            }
            if (!aVar.a.isEmpty()) {
                try {
                    KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
                    keyStore.load(null);
                    if (keyStore.containsAlias(aVar.a)) {
                        keyStore.deleteEntry(aVar.a);
                    }
                } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                    throw new RuntimeException("Error deleting old authentication key", e);
                }
            }
            aVar.a = aVar.e;
            aVar.b = aVar.f1052f;
            aVar.c = bArr;
            aVar.d = 0;
            aVar.e = "";
            aVar.f1052f = new byte[0];
            J();
        } catch (CertificateException e2) {
            throw new RuntimeException("Error encoding certificate", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean b(b bVar, boolean z) {
        if (k(bVar).c() == 0) {
            return z;
        }
        String str = this.f1050l.get(Integer.valueOf(bVar.a()));
        if (str != null) {
            return c(str);
        }
        throw new RuntimeException("No key alias for ACP with ID " + bVar.a());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public androidx.security.identity.a k(b bVar) {
        androidx.security.identity.a aVar = this.f1045g.get(Integer.valueOf(bVar.a()));
        if (aVar != null) {
            return aVar;
        }
        throw new RuntimeException("No profile with id " + bVar.a());
    }

    Collection<androidx.security.identity.a> l() {
        return this.f1044f;
    }

    int p() {
        return this.f1047i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int[] q() {
        int[] iArr = new int[this.f1047i];
        Iterator<a> it = this.f1051m.iterator();
        int i2 = 0;
        while (it.hasNext()) {
            iArr[i2] = it.next().d;
            i2++;
        }
        return iArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<X509Certificate> r() {
        try {
            KeyStore.getInstance(com.splashtop.remote.h5.g.b).load(null);
            ArrayList arrayList = new ArrayList();
            for (int i2 = 0; i2 < this.f1047i; i2++) {
                a aVar = this.f1051m.get(i2);
                boolean z = true;
                boolean z2 = aVar.a.isEmpty() || aVar.d >= this.f1048j;
                boolean z3 = !aVar.e.isEmpty();
                if (!z2 || z3) {
                    z = z3;
                } else {
                    try {
                        String str = this.d + String.format("_auth_%d", Integer.valueOf(i2));
                        if (str.equals(aVar.a)) {
                            str = str + "_";
                        }
                        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", com.splashtop.remote.h5.g.b);
                        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setDigests("SHA-256", "SHA-512").build());
                        keyPairGenerator.generateKeyPair();
                        X509Certificate F = o.F(str, this.d);
                        aVar.e = str;
                        aVar.f1052f = F.getEncoded();
                    } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | CertificateEncodingException e) {
                        throw new RuntimeException("Error creating auth key", e);
                    }
                }
                if (z) {
                    try {
                        arrayList.add((X509Certificate) CertificateFactory.getInstance(org.acra.a.f8177l).generateCertificate(new ByteArrayInputStream(aVar.f1052f)));
                    } catch (CertificateException e2) {
                        throw new RuntimeException("Error creating certificate for auth key", e2);
                    }
                }
            }
            J();
            return arrayList;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
            throw new RuntimeException("Error loading keystore", e3);
        }
    }

    int s() {
        return this.f1048j;
    }

    String t() {
        return this.d;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Collection<X509Certificate> u() {
        return this.e;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String w() {
        return this.c;
    }

    Collection<i.c> y() {
        return this.f1046h;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String z() {
        return this.f1049k;
    }
}
