package slowscript.warpinator;

import android.util.Log;
import com.google.gson.stream.JsonToken$EnumUnboxingLocalUtility;
import com.google.protobuf.TextFormatEscaper$2;
import io.grpc.okhttp.OkHttpFrameLogger;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.atomic.AtomicLong;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.asn1.ASN1Exception;
import org.bouncycastle.asn1.ASN1ParsingException;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.ExtensionsGenerator;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.pqc.crypto.slhdsa.PK;
import org.bouncycastle.util.encoders.Base64;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.conscrypt.BuildConfig;
import org.openjax.security.nacl.TweetNaclFast;

/* loaded from: classes.dex */
public abstract class Authenticator {
    public static Exception certException = null;
    public static final long expireTime = 86400000 * 30;
    public static String groupCode = "Warpinator";

    public static SSLSocketFactory createSSLSocketFactory(String str) {
        File file = new File(Utils.getCertsDir(), JsonToken$EnumUnboxingLocalUtility.m(str, ".pem"));
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry(file.getName(), getX509fromFile(file));
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
        return sSLContext.getSocketFactory();
    }

    public static byte[] getBoxedCertificate() {
        int length;
        byte[] bArr = new byte[0];
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(groupCode.getBytes(StandardCharsets.UTF_8));
            new AtomicLong(68L);
            byte[] bArr2 = new byte[24];
            TweetNaclFast.jrandom.nextBytes(bArr2);
            byte[] serverCertificate = getServerCertificate();
            byte[] bArr3 = null;
            if (serverCertificate != null && serverCertificate.length >= (length = serverCertificate.length)) {
                int i = length + 32;
                byte[] bArr4 = new byte[i];
                byte[] bArr5 = new byte[i];
                for (int i2 = 0; i2 < length; i2++) {
                    bArr4[i2 + 32] = serverCertificate[i2];
                }
                if (i < 32) {
                    byte[] bArr6 = TweetNaclFast.sigma;
                } else {
                    TweetNaclFast.cryptoStreamXor(bArr5, bArr4, i, bArr2, digest);
                    TweetNaclFast.cryptoOneTimeAuth(bArr5, 16, bArr5, length, bArr5);
                    int i3 = length + 16;
                    bArr3 = new byte[i3];
                    for (int i4 = 0; i4 < i3; i4++) {
                        bArr3[i4] = bArr5[i4 + 16];
                    }
                }
            }
            bArr = new byte[bArr3.length + 24];
            System.arraycopy(bArr2, 0, bArr, 0, 24);
            System.arraycopy(bArr3, 0, bArr, 24, bArr3.length);
            return bArr;
        } catch (Exception e) {
            Log.wtf("AUTH", "WADUHEK", e);
            return bArr;
        }
    }

    public static byte[] getServerCertificate() {
        byte[] bArr = null;
        try {
            Log.d("AUTH", "Loading server certificate...");
            certException = null;
            File file = new File(Utils.getCertsDir(), ".self.pem");
            X509Certificate x509fromFile = getX509fromFile(file);
            x509fromFile.checkValidity();
            if (!((String) ((List) x509fromFile.getSubjectAlternativeNames().toArray()[0]).get(1)).equals(Utils.getIPAddress())) {
                throw new Exception();
            }
            RandomAccessFile randomAccessFile = new RandomAccessFile(file, "r");
            try {
                byte[] bArr2 = new byte[(int) randomAccessFile.length()];
                randomAccessFile.readFully(bArr2);
                randomAccessFile.close();
                return bArr2;
            } finally {
            }
        } catch (Exception unused) {
            String deviceName = Utils.getDeviceName();
            try {
                Log.d("AUTH", "Creating new server certificate...");
                String iPAddress = Utils.getIPAddress();
                Security.addProvider(new BouncyCastleProvider());
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(2048, new SecureRandom());
                KeyPair genKeyPair = keyPairGenerator.genKeyPair();
                long currentTimeMillis = System.currentTimeMillis();
                String replaceAll = deviceName.replaceAll("[^a-zA-Z0-9]", BuildConfig.FLAVOR);
                if (replaceAll.trim().isEmpty()) {
                    replaceAll = "android";
                }
                X500Name x500Name = new X500Name("CN=".concat(replaceAll));
                BigInteger bigInteger = new BigInteger(Long.toString(currentTimeMillis));
                Date date = new Date(currentTimeMillis - 86400000);
                Locale locale = Locale.ENGLISH;
                OkHttpFrameLogger okHttpFrameLogger = new OkHttpFrameLogger(x500Name, bigInteger, new Time(date, locale), new Time(new Date(currentTimeMillis + expireTime), locale), x500Name, genKeyPair.getPublic());
                try {
                    ((ExtensionsGenerator) okHttpFrameLogger.level).addExtension(X509Extensions.SubjectAlternativeName, new GeneralNames(new GeneralName(iPAddress)));
                    X509CertificateHolder build = okHttpFrameLogger.build(new OkHttpFrameLogger(24).build(genKeyPair.getPrivate()));
                    saveCertOrKey(".self.key-pem", genKeyPair.getPrivate().getEncoded(), true);
                    bArr = build.x509Certificate.getEncoded();
                } catch (IOException e) {
                    StringBuffer stringBuffer = new StringBuffer("cannot encode extension: ");
                    stringBuffer.append(e.getMessage());
                    ASN1Exception aSN1Exception = new ASN1Exception(stringBuffer.toString(), 1);
                    aSN1Exception.cause = e;
                    throw aSN1Exception;
                }
            } catch (Exception e2) {
                Log.e("AUTH", "Failed to create certificate", e2);
                certException = e2;
            }
            if (bArr != null) {
                saveCertOrKey(".self.pem", bArr, false);
            }
            return bArr;
        }
    }

    /* JADX WARN: Type inference failed for: r1v9, types: [org.bouncycastle.util.io.pem.PemObject, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r6v3, types: [org.bouncycastle.util.io.pem.PemHeader, java.lang.Object] */
    public static X509Certificate getX509fromFile(File file) {
        String readLine;
        PemObject pemObject;
        String trim;
        int indexOf;
        String readLine2;
        BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            }
        } while (!readLine.startsWith("-----BEGIN "));
        if (readLine == null || (indexOf = (trim = readLine.substring(11).trim()).indexOf(45)) <= 0 || !trim.endsWith("-----") || trim.length() - indexOf != 5) {
            pemObject = null;
        } else {
            String substring = trim.substring(0, indexOf);
            StringBuffer stringBuffer = new StringBuffer("-----END ");
            stringBuffer.append(substring);
            stringBuffer.append("-----");
            String stringBuffer2 = stringBuffer.toString();
            StringBuffer stringBuffer3 = new StringBuffer();
            ArrayList arrayList = new ArrayList();
            while (true) {
                readLine2 = bufferedReader.readLine();
                if (readLine2 == null) {
                    break;
                }
                int indexOf2 = readLine2.indexOf(58);
                if (indexOf2 >= 0) {
                    String substring2 = readLine2.substring(0, indexOf2);
                    String trim2 = readLine2.substring(indexOf2 + 1).trim();
                    ?? obj = new Object();
                    obj.name = substring2;
                    obj.value = trim2;
                    arrayList.add(obj);
                } else {
                    if (System.getProperty("org.bouncycastle.pemreader.lax", "false").equalsIgnoreCase("true")) {
                        String trim3 = readLine2.trim();
                        if (!trim3.equals(readLine2)) {
                            Level level = Level.WARNING;
                            Logger logger = PemReader.LOG;
                            if (logger.isLoggable(level)) {
                                logger.log(level, "PEM object contains whitespaces on -----END line", (Throwable) new Exception("trace"));
                            }
                        }
                        readLine2 = trim3;
                    }
                    if (readLine2.indexOf(stringBuffer2) == 0) {
                        break;
                    }
                    stringBuffer3.append(readLine2.trim());
                }
            }
            if (readLine2 == null) {
                StringBuffer stringBuffer4 = new StringBuffer();
                stringBuffer4.append(stringBuffer2);
                stringBuffer4.append(" not found");
                throw new IOException(stringBuffer4.toString());
            }
            String stringBuffer5 = stringBuffer3.toString();
            PK pk = Base64.encoder;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream((stringBuffer5.length() / 4) * 3);
            try {
                Base64.encoder.decode(stringBuffer5, byteArrayOutputStream);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                ?? obj2 = new Object();
                Collections.unmodifiableList(arrayList);
                obj2.content = byteArray;
                pemObject = obj2;
            } catch (Exception e) {
                StringBuffer stringBuffer6 = new StringBuffer("unable to decode base64 string: ");
                stringBuffer6.append(e.getMessage());
                throw new ASN1ParsingException(stringBuffer6.toString(), e, 1);
            }
        }
        bufferedReader.close();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(pemObject.content);
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
            byteArrayInputStream.close();
            return x509Certificate;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static boolean saveBoxedCert(byte[] bArr, String str) {
        try {
            TextFormatEscaper$2 textFormatEscaper$2 = new TextFormatEscaper$2(1, MessageDigest.getInstance("SHA-256").digest(groupCode.getBytes("UTF-8")));
            byte[] bArr2 = new byte[24];
            byte[] bArr3 = new byte[bArr.length - 24];
            System.arraycopy(bArr, 0, bArr2, 0, 24);
            System.arraycopy(bArr, 24, bArr3, 0, bArr.length - 24);
            byte[] open = textFormatEscaper$2.open(bArr3, bArr2);
            if (open == null) {
                Log.w("AUTH", "Failed to unbox cert. Wrong group code?");
                return false;
            }
            saveCertOrKey(str + ".pem", open, false);
            return true;
        } catch (Exception e) {
            Log.e("AUTH", "Failed to unbox and save certificate", e);
            return false;
        }
    }

    public static void saveCertOrKey(String str, byte[] bArr, boolean z) {
        String str2;
        String str3;
        File certsDir = Utils.getCertsDir();
        if (!certsDir.exists()) {
            certsDir.mkdir();
        }
        File file = new File(certsDir, str);
        if (z) {
            str2 = "-----BEGIN PRIVATE KEY-----\n";
            str3 = "-----END PRIVATE KEY-----";
        } else {
            str2 = "-----BEGIN CERTIFICATE-----\n";
            str3 = "-----END CERTIFICATE-----";
        }
        String str4 = str2 + android.util.Base64.encodeToString(bArr, 0) + str3;
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file, false);
            try {
                fileOutputStream.write(str4.getBytes());
                fileOutputStream.close();
            } finally {
            }
        } catch (Exception e) {
            Log.w("AUTH", "Failed to save certificate or private key: " + str);
            e.printStackTrace();
        }
    }
}
