package br.com.nubank.certificates;

import com.airbnb.paris.R2;
import com.google.android.exoplayer2.text.webvtt.WebvttCueParser;
import com.google.firebase.messaging.GmsRpc;
import java.io.File;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import zi.C0844;
import zi.C10033;
import zi.C1125;
import zi.C1857;
import zi.C2518;
import zi.C2923;
import zi.C3128;
import zi.C3195;
import zi.C3941;
import zi.C5127;
import zi.C5480;
import zi.C5524;
import zi.C5739;
import zi.C5991;
import zi.C6025;
import zi.C6634;
import zi.C6919;
import zi.C7252;
import zi.C7309;
import zi.C7862;
import zi.C7933;
import zi.C8506;
import zi.C8526;
import zi.C8988;
import zi.C9286;
import zi.CallableC8796;

/* compiled from: CertificatesManager.kt */
@Metadata(d1 = {"\u0000t\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u0011\n\u0002\b\u0004\u0018\u00002\u00020\u0001B\u0017\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\b\b\u0002\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\b\u0010\u000b\u001a\u00020\fH\u0016J\u0018\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u0012H\u0002J\u0010\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0015\u001a\u00020\bH\u0016J\u0012\u0010\u0016\u001a\u0004\u0018\u00010\u000e2\u0006\u0010\u0015\u001a\u00020\bH\u0016J\u0012\u0010\u0017\u001a\u0004\u0018\u00010\u00102\u0006\u0010\u0015\u001a\u00020\bH\u0016J\u0010\u0010\u0018\u001a\u00020\u00192\u0006\u0010\u0015\u001a\u00020\bH\u0016J\u0012\u0010\u001a\u001a\u0004\u0018\u00010\u000e2\u0006\u0010\u0015\u001a\u00020\bH\u0016J\u0012\u0010\u001b\u001a\u0004\u0018\u00010\u00102\u0006\u0010\u0015\u001a\u00020\bH\u0016J\u0012\u0010\u001c\u001a\u0004\u0018\u00010\u001d2\u0006\u0010\u0015\u001a\u00020\bH\u0016J\b\u0010\u001e\u001a\u00020\bH\u0016J\u0012\u0010\u001f\u001a\u0004\u0018\u00010\b2\u0006\u0010\u0015\u001a\u00020\bH\u0016J\u0018\u0010 \u001a\u00020\u00142\u0006\u0010!\u001a\u00020\f2\u0006\u0010\u0011\u001a\u00020\"H\u0016J \u0010#\u001a\u00020\u00142\u0006\u0010!\u001a\u00020\f2\u0006\u0010\u0011\u001a\u00020\"2\u0006\u0010$\u001a\u00020%H\u0002J\u0018\u0010&\u001a\u00020\u00142\u0006\u0010!\u001a\u00020\f2\u0006\u0010\u0011\u001a\u00020\"H\u0016J\u001a\u0010'\u001a\u0004\u0018\u00010\u000e2\u0006\u0010$\u001a\u00020%2\u0006\u0010\u0015\u001a\u00020\bH\u0002J \u0010(\u001a\u00020\u00142\u0006\u0010)\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u00122\u0006\u0010*\u001a\u00020+H\u0002J\u0014\u0010,\u001a\u00020+*\u00020\u00032\u0006\u0010-\u001a\u00020\bH\u0002J%\u0010.\u001a\u00020\u0014*\u00020\u00032\u0012\u0010/\u001a\n\u0012\u0006\b\u0001\u0012\u00020\b00\"\u00020\bH\u0002¢\u0006\u0002\u00101J\u0010\u00102\u001a\u0004\u0018\u00010\u0010*\u0004\u0018\u00010\u000eH\u0002J\u0010\u00103\u001a\u0004\u0018\u00010\u001d*\u0004\u0018\u00010\u000eH\u0002R\u000e\u0010\u0007\u001a\u00020\bX\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\nX\u0082\u0004¢\u0006\u0002\n\u0000¨\u00064"}, d2 = {"Lbr/com/nubank/certificates/CertificatesManagerImpl;", "Lbr/com/nubank/certificates/CertificatesManager;", "fileHandler", "Lbr/com/nubank/certificates/FileHandler;", "keyPairGenerator", "Lbr/com/nubank/certificates/IKeyPairGenerator;", "(Lbr/com/nubank/certificates/FileHandler;Lbr/com/nubank/certificates/IKeyPairGenerator;)V", "STORE_KEY", "", "lock", "", "createKeyPair", "Ljava/security/KeyPair;", "createKeyStore", "Ljava/security/KeyStore;", "key", "Ljava/security/PrivateKey;", "certificate", "Ljava/security/cert/Certificate;", GmsRpc.EXTRA_DELETE, "", "sessionId", "getAuthKeyStore", "getAuthPrivateKey", "getCertificates", "Lbr/com/nubank/certificates/NuKeyStore;", "getCryptoKeyStore", "getCryptoPrivateKey", "getCryptoPublicKey", "Ljava/security/PublicKey;", "getKeyStorePassword", "getKeyStorePath", "persistAuthCertificate", "keyPair", "Ljava/security/cert/X509Certificate;", "persistCertificate", "keyStoreFile", "Lbr/com/nubank/certificates/KeyStoreFile;", "persistCryptoCertificate", "readKeyStore", "save", "privateKey", "stream", "Ljava/io/OutputStream;", "createCertificateFile", "filePath", "deleteCertificateFile", "filePaths", "", "(Lbr/com/nubank/certificates/FileHandler;[Ljava/lang/String;)V", "getPrivateKey", "getPublicKey", "certificates_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes3.dex */
public final class CertificatesManagerImpl implements CertificatesManager {
    public final String STORE_KEY;
    public final FileHandler fileHandler;
    public final IKeyPairGenerator keyPairGenerator;
    public final Object lock;

    public CertificatesManagerImpl(FileHandler fileHandler, IKeyPairGenerator iKeyPairGenerator) {
        Intrinsics.checkNotNullParameter(fileHandler, C5739.m12094("ace]?WcX_Wc", (short) (C3128.m10100() ^ (-4164))));
        Intrinsics.checkNotNullParameter(iKeyPairGenerator, C6919.m12985("=h+\u001dN$\u00151\u000fWH{\u0016'>b", (short) (C3128.m10100() ^ (-73))));
        this.fileHandler = fileHandler;
        this.keyPairGenerator = iKeyPairGenerator;
        this.lock = new Object();
        this.STORE_KEY = C7862.m13740("flXVb^", (short) (C5480.m11930() ^ (-21802)));
    }

    public /* synthetic */ CertificatesManagerImpl(FileHandler fileHandler, KeyPairGenerator keyPairGenerator, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this(fileHandler, (i & 2) != 0 ? new KeyPairGenerator() : keyPairGenerator);
    }

    private final OutputStream createCertificateFile(FileHandler fileHandler, String str) {
        return fileHandler.getFileForWriting(str);
    }

    private final KeyStore createKeyStore(PrivateKey key, Certificate certificate) {
        KeyStore keyStore = KeyStore.getInstance(C7933.m13768("\u0003|s\u0003__", (short) (C8526.m14413() ^ 2165), (short) (C8526.m14413() ^ 8310)));
        keyStore.load(null, null);
        char[] charArray = this.STORE_KEY.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, C7252.m13271("k<{d[[L3L\"s;VQ#n6W;;\u00069\u001dR`DG\u001fA%zHes0}bO-", (short) (C6634.m12799() ^ 28754), (short) (C6634.m12799() ^ 23553)));
        keyStore.setKeyEntry(C5991.m12255("7?j\u0015M", (short) (C3941.m10731() ^ 28129), (short) (C3941.m10731() ^ 19485)), key, charArray, new Certificate[]{certificate});
        Intrinsics.checkNotNullExpressionValue(keyStore, C5524.m11949("<;K!GMO=KAD\b\u00032.'8\u0017\u0019\n\u0012\u0018L\\\udf91T\u0017SVdg][_ZYm_$%\u0007\u001e\u001f !\"#$%\u0004", (short) (C6025.m12284() ^ (-18546)), (short) (C6025.m12284() ^ (-30267))));
        return keyStore;
    }

    private final void deleteCertificateFile(FileHandler fileHandler, String... strArr) {
        int length = strArr.length;
        int i = 0;
        while (i < length) {
            String str = strArr[i];
            i++;
            fileHandler.deleteFile(str);
        }
    }

    private final PrivateKey getPrivateKey(KeyStore keyStore) {
        if (keyStore != null) {
            char[] charArray = this.STORE_KEY.toCharArray();
            Intrinsics.checkNotNullExpressionValue(charArray, C2923.m9908(".!!*U\u0016'R\u001c\u0012&\u0010[\u0019\r\u0019\u0011Vz\u001b\u0018\u000e\u0012\nJN\u0014\u000e`\u0005|\rZ\u000b\nw\u000f<<", (short) (C3128.m10100() ^ (-23280))));
            KeyStore.Entry entry = keyStore.getEntry(C9286.m14951("+JPEP", (short) (C6634.m12799() ^ R2.styleable.MenuView_android_horizontalDivider), (short) (C6634.m12799() ^ 3363)), new KeyStore.PasswordProtection(charArray));
            if (entry != null) {
                return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            }
        }
        return null;
    }

    private final PublicKey getPublicKey(KeyStore keyStore) {
        Certificate certificate;
        if (keyStore == null || (certificate = keyStore.getCertificate(C8988.m14747("{\b\u0006~\u0012", (short) (C2518.m9621() ^ 12342), (short) (C2518.m9621() ^ 23367)))) == null) {
            return null;
        }
        return certificate.getPublicKey();
    }

    private final void persistCertificate(KeyPair keyPair, X509Certificate certificate, KeyStoreFile keyStoreFile) {
        PublicKey publicKey = certificate.getPublicKey();
        Intrinsics.checkNotNullExpressionValue(publicKey, C7309.m13311("\b\t\u0015\u0016\n\u0006\b\u0001}\u0010\u007fG\t\rx\u0002}v]v\n", (short) (C10033.m15480() ^ (-4893)), (short) (C10033.m15480() ^ (-25307))));
        String pem = NuKeyStoreKt.toPem(publicKey);
        PublicKey publicKey2 = keyPair.getPublic();
        Intrinsics.checkNotNullExpressionValue(publicKey2, C8506.m14379("\u001b\u0016+\u0003\u0015\u001e(d\u0018\u001e\f\u0017\u0015\u0010", (short) (C2518.m9621() ^ 29614)));
        if (!Intrinsics.areEqual(pem, NuKeyStoreKt.toPem(publicKey2))) {
            throw new InvalidKeyException(C1125.m8333(" \u0014.<WwZ}\u007f4'K}iZC\u0001zhr=\f[#6s\u0017WZ\u000f1LO&", (short) (C5480.m11930() ^ (-31446))));
        }
        String commonName = NuKeyStoreKt.getCommonName(certificate);
        if (commonName == null) {
            throw new InvalidKeyException(C0844.m8091("Ekt`ljf#gjx{qosnm\u0002s/s\u0001\u007f\u0001\u0004\u00046\u0006y\u0007\u007f", (short) (C6025.m12284() ^ (-11332))));
        }
        String str = commonName + WebvttCueParser.CHAR_SLASH + keyStoreFile.getFileName();
        try {
            OutputStream createCertificateFile = createCertificateFile(this.fileHandler, str);
            try {
                OutputStream outputStream = createCertificateFile;
                PrivateKey privateKey = keyPair.getPrivate();
                Intrinsics.checkNotNullExpressionValue(privateKey, C1857.m8984("d_tL^gq.qtlzfzl", (short) (C6634.m12799() ^ 27560)));
                save(privateKey, certificate, outputStream);
                Unit unit = Unit.INSTANCE;
                CloseableKt.closeFinally(createCertificateFile, null);
            } finally {
            }
        } catch (Exception e) {
            deleteCertificateFile(this.fileHandler, str);
            throw e;
        }
    }

    private final KeyStore readKeyStore(KeyStoreFile keyStoreFile, String sessionId) {
        KeyStore keyStore;
        synchronized (this.lock) {
            InputStream fileForReading = this.fileHandler.getFileForReading(sessionId + WebvttCueParser.CHAR_SLASH + keyStoreFile.getFileName());
            keyStore = null;
            if (fileForReading != null) {
                InputStream inputStream = fileForReading;
                try {
                    KeyStore keyStore2 = KeyStore.getInstance(C5127.m11666("ZVO`?A", (short) (C6634.m12799() ^ 17252)));
                    char[] charArray = this.STORE_KEY.toCharArray();
                    Intrinsics.checkNotNullExpressionValue(charArray, C3195.m10144("L??H{<MxJ@T>\u0012OCO/t\u00199>480x|B<\u0017;3Cx)(\u00165bb", (short) (C5480.m11930() ^ (-15898))));
                    keyStore2.load(inputStream, charArray);
                    CloseableKt.closeFinally(inputStream, null);
                    keyStore = keyStore2;
                } finally {
                }
            }
        }
        return keyStore;
    }

    private final void save(PrivateKey privateKey, Certificate certificate, OutputStream stream) {
        KeyStore createKeyStore = createKeyStore(privateKey, certificate);
        char[] charArray = this.STORE_KEY.toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, CallableC8796.m14635("5\n,^mW6@6LOK7u\u0001w&ZJ7d=Ggx\u0006x:V\u000fG\u0003\u0002`\u001cEo'\u001c", (short) (C6025.m12284() ^ (-30522)), (short) (C6025.m12284() ^ (-2550))));
        createKeyStore.store(stream, charArray);
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public KeyPair createKeyPair() {
        return this.keyPairGenerator.generate();
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public void delete(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C5739.m12094("=.;:/42\f&", (short) (C3941.m10731() ^ 1875)));
        KeyStoreFile[] values = KeyStoreFile.values();
        int length = values.length;
        int i = 0;
        while (i < length) {
            KeyStoreFile keyStoreFile = values[i];
            i++;
            deleteCertificateFile(this.fileHandler, sessionId + WebvttCueParser.CHAR_SLASH + keyStoreFile.getFileName());
        }
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public KeyStore getAuthKeyStore(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C6919.m12985("\u0006Oa~ K,p?", (short) (C5480.m11930() ^ (-7567))));
        return readKeyStore(KeyStoreFile.KEYSTORE, sessionId);
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public PrivateKey getAuthPrivateKey(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C7862.m13740("\u0012\u0003\u0010\u000f\u0004\t\u0007`z", (short) (C6025.m12284() ^ (-23886))));
        return getPrivateKey(getAuthKeyStore(sessionId));
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public NuKeyStore getCertificates(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C7933.m13768("\u001e\u000f\u001c\u001b\u0010\u0015\u0013l\u0007", (short) (C8526.m14413() ^ 14273), (short) (C8526.m14413() ^ 30619)));
        return new NuKeyStore(getAuthKeyStore(sessionId), getCryptoKeyStore(sessionId));
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public KeyStore getCryptoKeyStore(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C7252.m13271("Y]E%xjG}z", (short) (C8526.m14413() ^ 29422), (short) (C8526.m14413() ^ 32135)));
        return readKeyStore(KeyStoreFile.KEYSTORE_CRYPTO, sessionId);
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public PrivateKey getCryptoPrivateKey(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C5991.m12255("5p\f\u001fsF\u000ffD", (short) (C6025.m12284() ^ (-887)), (short) (C6025.m12284() ^ (-26306))));
        return getPrivateKey(getCryptoKeyStore(sessionId));
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public PublicKey getCryptoPublicKey(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C5524.m11949("+\u001e-.%,,\b$", (short) (C3128.m10100() ^ (-7339)), (short) (C3128.m10100() ^ (-20542))));
        return getPublicKey(getCryptoKeyStore(sessionId));
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    /* renamed from: getKeyStorePassword, reason: from getter */
    public String getSTORE_KEY() {
        return this.STORE_KEY;
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public String getKeyStorePath(String sessionId) {
        Intrinsics.checkNotNullParameter(sessionId, C2923.m9908("M>KJ?DB\u001c6", (short) (C3941.m10731() ^ 17129)));
        File fileIfExists = this.fileHandler.getFileIfExists(sessionId + WebvttCueParser.CHAR_SLASH + KeyStoreFile.KEYSTORE.getFileName());
        if (fileIfExists != null) {
            return fileIfExists.getPath();
        }
        return null;
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public void persistAuthCertificate(KeyPair keyPair, X509Certificate certificate) {
        Intrinsics.checkNotNullParameter(keyPair, C9286.m14951("9?l|/0R", (short) (C10033.m15480() ^ (-17804)), (short) (C10033.m15480() ^ (-20645))));
        Intrinsics.checkNotNullParameter(certificate, C8988.m14747("WZhka_c^]qc", (short) (C3941.m10731() ^ 26037), (short) (C3941.m10731() ^ 3710)));
        persistCertificate(keyPair, certificate, KeyStoreFile.KEYSTORE);
    }

    @Override // br.com.nubank.certificates.CertificatesManager
    public void persistCryptoCertificate(KeyPair keyPair, X509Certificate certificate) {
        Intrinsics.checkNotNullParameter(keyPair, C7309.m13311("\u0010\t\u001cq\u0002\t\u0011", (short) (C2518.m9621() ^ 23494), (short) (C2518.m9621() ^ 11018)));
        Intrinsics.checkNotNullParameter(certificate, C8506.m14379("\u0016\u0019#& \u001e\u001e\u0019\f \u000e", (short) (C3128.m10100() ^ (-19015))));
        persistCertificate(keyPair, certificate, KeyStoreFile.KEYSTORE_CRYPTO);
    }
}
