package com.worklight.common.security;

import android.app.Activity;
import android.content.Context;
import android.content.pm.PackageManager;
import android.webkit.WebView;
import com.worklight.androidgap.WLDroidGap;
import com.worklight.common.WLUtils;
import com.worklight.utils.Base64;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import java.util.UUID;
import javax.crypto.spec.SecretKeySpec;
import org.json.JSONObject;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/worklight-builder.jar:nativeApp.zip:android/worklight-android.jar:com/worklight/common/security/WLDeviceAuthManager.class
 */
/* loaded from: input_file:lib/worklight-builder.jar:environments.zip:android/native/libs/worklight-android.jar:com/worklight/common/security/WLDeviceAuthManager.class */
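/**
 * Process-wide singleton that holds the client side of device authentication:
 * it generates RSA key pairs, signs certificate-signing requests and
 * device-auth payloads, and persists private keys, certificates and a random
 * device ID in a {@code .keystore} file under the application's files directory.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>{@link #keyStorePassword} is never assigned, so the keystore file and
 *       every entry in it are written and read with a {@code null} password.
 *       Nothing in this class protects the stored private keys beyond the
 *       location of the file.</li>
 *   <li>When an entry is missing locally, the keystores of every package that
 *       shares this application's UID are searched and a matching entry is
 *       copied into the local keystore. All such packages are therefore
 *       trusted with the same keys and device ID.</li>
 *   <li>Only {@link #getInstance()} is synchronized; the key-pair map and the
 *       keystore file are accessed without locking elsewhere.</li>
 * </ul>
 */
public class WLDeviceAuthManager {
    private static final String ALG = "alg";
    private static final String JPK = "jpk";
    private static final String X5C = "x5c";
    private static final String MOD = "mod";
    private static final String EXP = "exp";
    private static final String RSA = "RSA";
    private static final String APPLICATION = "application";
    private static final String DEVICE_ID_ALIAS = "DeviceID";
    private static final String KEYSTORE_FILENAME = ".keystore";
    private static final String UTF8 = "UTF-8";

    // 512-bit RSA moduli can be factored with modest resources; 2048 bits is the
    // usual minimum today.
    // NOTE(review): confirm the server-side CSR handler accepts 2048-bit moduli.
    private static final int RSA_KEY_BITS = 2048;

    private static WLDeviceAuthManager instance;

    // Never assigned in this class: every load/store/getEntry below passes null.
    private static char[] keyStorePassword = null;

    private Context context;
    private WebView webView;

    // Key pairs generated in this process, keyed by getAlias(entity). Private keys
    // stay here in memory until an entry is removed in saveCertificate.
    private HashMap<String, KeyPair> keyPairHash = new HashMap<>();

    private WLDeviceAuthManager() {
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * @return the singleton manager
     */
    public static synchronized WLDeviceAuthManager getInstance() {
        if (instance == null) {
            instance = new WLDeviceAuthManager();
        }
        return instance;
    }

    /**
     * Generates an RSA key pair and remembers it in memory under the alias
     * derived from {@code str}.
     *
     * @param str entity name; {@code "application"} maps to {@code app:<appId>},
     *            any other value is used as the alias verbatim
     * @return the newly generated key pair
     * @throws NoSuchAlgorithmException if no RSA key-pair generator is available
     */
    public KeyPair generateKeyPair(String str) throws NoSuchAlgorithmException {
        KeyPairGenerator generator = KeyPairGenerator.getInstance(RSA);
        generator.initialize(RSA_KEY_BITS);
        KeyPair keyPair = generator.genKeyPair();
        this.keyPairHash.put(getAlias(str), keyPair);
        return keyPair;
    }

    /**
     * Stores the activity (as the context used for file and package lookups)
     * and the web view used to report failures.
     *
     * @param activity hosting activity
     * @param webView  web view that receives the failure dialog call
     */
    public void init(Activity activity, WebView webView) {
        this.webView = webView;
        this.context = activity;
    }

    /**
     * Reports whether a private-key entry can be found for {@code str}.
     *
     * @param str entity name, resolved through {@link #getAlias(String)}
     * @return {@code true} when an entry was found; {@code false} when there is
     *         no context yet, no entry, or the lookup threw (the error is logged)
     */
    public boolean isCertificateExists(String str) {
        if (this.context == null) {
            return false;
        }
        try {
            return getPrivateKeyEntry(str) != null;
        } catch (Exception e) {
            // A failed lookup is reported as "no certificate"; callers cannot
            // tell it apart from a genuinely missing entry.
            WLUtils.error("Error checking if certificate exists", e);
            return false;
        }
    }

    /**
     * Maps an entity name to a keystore alias.
     *
     * <p>The comparison is case-sensitive here, while
     * {@link #getPrivateKeyEntry(String)} uses a case-insensitive comparison to
     * decide whether to skip the shared-UID fallback.
     */
    private String getAlias(String str) {
        if (!str.equals(APPLICATION)) {
            return str;
        }
        return "app:" + WLDroidGap.getWLConfig().getAppId();
    }

    /** Encodes {@code text} as UTF-8 so signed bytes do not depend on the platform default charset. */
    private static byte[] utf8(String text) {
        try {
            return text.getBytes(UTF8);
        } catch (java.io.UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not available", e);
        }
    }

    /** Returns the location of the keystore file inside {@code ctx}'s files directory. */
    private static File keystoreFile(Context ctx) {
        return new File(ctx.getFilesDir().getAbsolutePath() + "/" + KEYSTORE_FILENAME);
    }

    /**
     * Signs the UTF-8 bytes of {@code str} with SHA256withRSA.
     *
     * @param str        signing input
     * @param privateKey key to sign with
     * @return the raw signature bytes
     */
    private byte[] signCsrData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(privateKey);
        signer.update(utf8(str));
        return signer.sign();
    }

    /**
     * Builds a signed CSR token of the form
     * {@code base64url(header).base64url(payload).base64url(signature)}, where
     * the header carries the public key of the in-memory key pair and the
     * signature covers the first two parts.
     *
     * @param jSONObject CSR payload
     * @param str        entity name whose key pair signs the request
     * @return the three-part, dot-separated token
     * @throws IllegalStateException if no key pair was generated for {@code str}
     * @throws Exception             on JSON or signing failures
     */
    public String signCsr(JSONObject jSONObject, String str) throws Exception {
        JSONObject header = new JSONObject();
        header.put(ALG, "RS256");
        KeyPair keyPair = this.keyPairHash.get(getAlias(str));
        if (keyPair == null) {
            // Fail with a clear message instead of a NullPointerException below.
            throw new IllegalStateException("No key pair has been generated for: " + str);
        }
        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
        JSONObject publicKeyJson = new JSONObject();
        publicKeyJson.put(ALG, RSA);
        publicKeyJson.put(MOD, Base64.encodeUrlSafe(publicKey.getModulus().toByteArray(), UTF8));
        publicKeyJson.put(EXP, Base64.encodeUrlSafe(publicKey.getPublicExponent().toByteArray(), UTF8));
        header.put(JPK, publicKeyJson);
        String signingInput = Base64.encodeUrlSafe(utf8(header.toString()), UTF8)
                + "." + Base64.encodeUrlSafe(utf8(jSONObject.toString()), UTF8);
        return signingInput + "." + Base64.encodeUrlSafe(signCsrData(signingInput, keyPair.getPrivate()), UTF8);
    }

    /**
     * Wraps {@code str} in a signed token when signing is requested and a
     * certificate is stored for {@code str2}; otherwise returns {@code str}
     * unchanged.
     *
     * <p>The unsigned fallback is silent: a missing certificate, a missing
     * context and a failed keystore read all yield the plain payload.
     *
     * @param str  payload to send
     * @param str2 entity name whose stored key signs the payload
     * @param z    whether signing is requested
     * @return the signed three-part token, or {@code str} as given
     * @throws Exception on keystore, JSON or signing failures
     */
    public String signDeviceAuth(String str, String str2, boolean z) throws Exception {
        if (!z || !isCertificateExists(str2)) {
            return str;
        }
        KeyStore.PrivateKeyEntry entry = getPrivateKeyEntry(str2);
        if (entry == null) {
            // The entry disappeared between the two lookups; treat it like the
            // no-certificate case above rather than dereferencing null.
            return str;
        }
        JSONObject header = new JSONObject();
        header.put(ALG, "RS256");
        header.put(X5C, Base64.encodeUrlSafe(entry.getCertificate().getEncoded(), UTF8));
        String signingInput = Base64.encodeUrlSafe(utf8(header.toString()), UTF8)
                + "." + Base64.encodeUrlSafe(utf8(str), UTF8);
        return signingInput + "." + Base64.encodeUrlSafe(signData(signingInput, entry.getPrivateKey()), UTF8);
    }

    /**
     * Decodes a Base64 X.509 certificate and stores it next to the in-memory
     * private key for {@code str}.
     *
     * <p>NOTE(review): the certificate is parsed but not checked here (issuer,
     * validity, or that its public key matches the generated key pair) -
     * confirm whether callers or the server flow cover that.
     *
     * @param str  entity name the certificate belongs to
     * @param str2 Base64-encoded certificate; must not be {@code null}
     * @param str3 passed through as the third argument of
     *             {@link #saveCertificate(String, Certificate, String)}
     * @throws Exception if {@code str2} is {@code null}, cannot be parsed, or a
     *                   certificate already exists for {@code str}
     */
    public void saveCertificate(String str, String str2, String str3) throws Exception {
        if (str2 == null) {
            throw new Exception("cannot save null certificate");
        }
        ByteArrayInputStream encoded = new ByteArrayInputStream(Base64.decode(utf8(str2)));
        X509Certificate certificate;
        try {
            certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(encoded);
        } finally {
            encoded.close();
        }
        saveCertificate(str, certificate, str3);
    }

    /**
     * Writes the in-memory private key for {@code str} together with
     * {@code certificate} into the local keystore file.
     *
     * <p>Failures while loading, updating or writing the keystore (including a
     * missing in-memory key pair) are logged and swallowed, so a normal return
     * does not prove the certificate was persisted.
     *
     * @param str         entity name; the entry is stored under its alias
     * @param certificate certificate to store as the single-element chain
     * @param str2        key removed from the in-memory key-pair map after a
     *                    successful store. NOTE(review): key pairs are
     *                    registered under the alias of {@code str}; unless
     *                    callers pass that alias here the private key stays in
     *                    memory - confirm against callers.
     * @throws Exception if a certificate already exists for {@code str}
     */
    public void saveCertificate(String str, Certificate certificate, String str2) throws Exception {
        if (isCertificateExists(str)) {
            throw new Exception("Error - Got a new Certificate, but an older one already exists, exiting process");
        }
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File file = keystoreFile(this.context);
        FileInputStream in = null;
        FileOutputStream out = null;
        try {
            if (file.exists()) {
                in = new FileInputStream(file);
                keyStore.load(in, keyStorePassword);
            } else {
                keyStore.load(null, keyStorePassword);
            }
            String alias = getAlias(str);
            keyStore.setKeyEntry(alias, this.keyPairHash.get(alias).getPrivate(), keyStorePassword, new Certificate[]{certificate});
            // Opening the output stream truncates the file, so it is done only
            // after the in-memory keystore has been updated successfully.
            out = new FileOutputStream(file);
            keyStore.store(out, keyStorePassword);
            this.keyPairHash.remove(str2);
        } catch (Exception e) {
            WLUtils.error("Error saving certificate", e);
        } finally {
            try {
                if (out != null) {
                    out.close();
                }
            } finally {
                if (in != null) {
                    in.close();
                }
            }
        }
    }

    /**
     * Signs the UTF-8 bytes of {@code str} with SHA256withRSA; same operation
     * as {@link #signCsrData(String, PrivateKey)} with a wider throws clause.
     */
    private byte[] signData(String str, PrivateKey privateKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        return signCsrData(str, privateKey);
    }

    /**
     * Looks up the private-key entry for {@code str}, first in the local
     * keystore and then, for non-application entities, in the keystores of
     * every package sharing this application's UID. An entry found in another
     * package is copied into the local keystore before it is returned.
     *
     * @param str entity name, resolved through {@link #getAlias(String)}
     * @return the entry, or {@code null} when none is found
     * @throws ClassCastException if the alias holds an entry of another kind
     */
    protected KeyStore.PrivateKeyEntry getPrivateKeyEntry(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, PackageManager.NameNotFoundException, UnrecoverableEntryException {
        KeyStore localStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File localFile = keystoreFile(this.context);
        String alias = getAlias(str);
        if (localFile.exists()) {
            FileInputStream in = null;
            try {
                in = new FileInputStream(localFile);
                localStore.load(in, keyStorePassword);
                KeyStore.PrivateKeyEntry entry = (KeyStore.PrivateKeyEntry) localStore.getEntry(alias, new KeyStore.PasswordProtection(keyStorePassword));
                if (entry != null) {
                    return entry;
                }
                if (APPLICATION.equalsIgnoreCase(str)) {
                    // Application keys are never taken from other packages.
                    return null;
                }
            } catch (IOException e) {
                // Falls through to the shared-UID search below.
                WLUtils.error("failed getting any certificate from app local keystore", e);
            } finally {
                if (in != null) {
                    in.close();
                }
            }
        } else {
            if (APPLICATION.equalsIgnoreCase(str)) {
                return null;
            }
            localStore.load(null, keyStorePassword);
        }

        String[] packagesForUid = this.context.getPackageManager().getPackagesForUid(this.context.getApplicationInfo().uid);
        KeyStore siblingStore = KeyStore.getInstance(KeyStore.getDefaultType());
        for (String packageName : packagesForUid) {
            File siblingFile = keystoreFile(this.context.createPackageContext(packageName, 0));
            if (!siblingFile.exists()) {
                continue;
            }
            FileInputStream in = null;
            FileOutputStream out = null;
            try {
                in = new FileInputStream(siblingFile);
                siblingStore.load(in, keyStorePassword);
                KeyStore.PrivateKeyEntry found = (KeyStore.PrivateKeyEntry) siblingStore.getEntry(alias, new KeyStore.PasswordProtection(keyStorePassword));
                if (found != null) {
                    // Update the in-memory keystore before opening the output
                    // stream: opening truncates the local file, and setKeyEntry
                    // throws if the local keystore could not be loaded above.
                    localStore.setKeyEntry(alias, found.getPrivateKey(), keyStorePassword, found.getCertificateChain());
                    out = new FileOutputStream(localFile);
                    localStore.store(out, keyStorePassword);
                    return found;
                }
            } catch (IOException e) {
                WLUtils.error("failed copying certificate to application keystore", e);
            } finally {
                try {
                    if (in != null) {
                        in.close();
                    }
                } finally {
                    if (out != null) {
                        out.close();
                    }
                }
            }
        }
        return null;
    }

    /**
     * Logs {@code str} and shows the device-authentication failure dialog in
     * the web view, on the UI thread.
     *
     * @param str error message to log
     */
    public void csrCertificateRecieveFailed(String str) {
        WLUtils.error(str);
        // The context stored by init() is expected to be the WLDroidGap activity.
        ((WLDroidGap) this.context).runOnUiThread(new Runnable() {
            @Override
            public void run() {
                WLDeviceAuthManager.this.webView.loadUrl("javascript:WL.DiagnosticDialog.showDialog(WL.ClientMessages.wlclientInitFailure, WL.ClientMessages.deviceAuthenticationFail, false, false);");
            }
        });
    }

    /**
     * Returns the device ID stored in the keystore, creating and storing a
     * random UUID when none can be read.
     *
     * <p>Any exception while reading is swallowed and treated as "no ID", so a
     * failed keystore read results in a new ID being generated and written
     * over the {@code DeviceID} alias.
     *
     * @param context used only when no context has been set yet
     * @return the device ID string
     * @throws RuntimeException if no entry could be read or created
     * @throws Exception        on keystore failures while saving
     */
    public String getDeviceUUID(Context context) throws Exception {
        if (this.context == null) {
            this.context = context;
        }
        KeyStore.SecretKeyEntry idEntry;
        try {
            idEntry = (KeyStore.SecretKeyEntry) getSecretKeyEntry(DEVICE_ID_ALIAS);
        } catch (Exception e) {
            idEntry = null;
        }
        if (idEntry == null) {
            idEntry = saveDeviceUUID(DEVICE_ID_ALIAS, UUID.randomUUID().toString());
        }
        if (idEntry == null) {
            throw new RuntimeException("getDeviceUUID can't retrive device ID from keystore.");
        }
        return new String(idEntry.getSecretKey().getEncoded(), UTF8);
    }

    /**
     * Stores {@code str2} in the local keystore as a secret-key entry under
     * alias {@code str}.
     *
     * <p>The "DES" algorithm name is only a label on the stored bytes; no DES
     * operation is performed in this class. Failures are logged and swallowed:
     * the returned entry is non-null as soon as it has been built, even if
     * writing the keystore file then fails.
     *
     * @param str  alias to store under
     * @param str2 value to store
     * @return the entry built from {@code str2}, or {@code null} if the
     *         keystore could not be loaded
     */
    private KeyStore.SecretKeyEntry saveDeviceUUID(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File file = keystoreFile(this.context);
        FileInputStream in = null;
        FileOutputStream out = null;
        KeyStore.SecretKeyEntry idEntry = null;
        try {
            if (file.exists()) {
                in = new FileInputStream(file);
                keyStore.load(in, keyStorePassword);
            } else {
                keyStore.load(null, keyStorePassword);
            }
            idEntry = new KeyStore.SecretKeyEntry(new SecretKeySpec(utf8(str2), "DES"));
            keyStore.setEntry(str, idEntry, new KeyStore.PasswordProtection(keyStorePassword));
            out = new FileOutputStream(file);
            keyStore.store(out, keyStorePassword);
        } catch (Exception e) {
            WLUtils.error("Error saving Device ID", e);
        } finally {
            try {
                if (out != null) {
                    out.close();
                }
            } finally {
                if (in != null) {
                    in.close();
                }
            }
        }
        return idEntry;
    }

    /**
     * Looks up the entry stored under alias {@code str}, first in the local
     * keystore and then in the keystores of every package sharing this
     * application's UID. An entry found in another package is copied into the
     * local keystore before it is returned.
     *
     * @param str keystore alias
     * @return the entry, or {@code null} when none is found
     * @throws ClassCastException if the local entry is not a secret-key entry
     */
    private KeyStore.Entry getSecretKeyEntry(String str) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException, PackageManager.NameNotFoundException, UnrecoverableEntryException {
        KeyStore localStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File localFile = keystoreFile(this.context);
        if (localFile.exists()) {
            FileInputStream in = null;
            try {
                in = new FileInputStream(localFile);
                localStore.load(in, keyStorePassword);
                KeyStore.SecretKeyEntry entry = (KeyStore.SecretKeyEntry) localStore.getEntry(str, new KeyStore.PasswordProtection(keyStorePassword));
                if (entry != null) {
                    return entry;
                }
            } catch (IOException e) {
                // Falls through to the shared-UID search below.
                WLUtils.error("Failed getting any device ID from app local keystore", e);
            } finally {
                if (in != null) {
                    in.close();
                }
            }
        } else {
            localStore.load(null, keyStorePassword);
        }

        String[] packagesForUid = this.context.getPackageManager().getPackagesForUid(this.context.getApplicationInfo().uid);
        KeyStore siblingStore = KeyStore.getInstance(KeyStore.getDefaultType());
        for (String packageName : packagesForUid) {
            File siblingFile = keystoreFile(this.context.createPackageContext(packageName, 0));
            if (!siblingFile.exists()) {
                continue;
            }
            FileInputStream in = null;
            FileOutputStream out = null;
            try {
                in = new FileInputStream(siblingFile);
                siblingStore.load(in, keyStorePassword);
                KeyStore.Entry found = siblingStore.getEntry(str, new KeyStore.PasswordProtection(keyStorePassword));
                if (found != null) {
                    // Update the in-memory keystore before opening the output
                    // stream: opening truncates the local file, and setEntry
                    // throws if the local keystore could not be loaded above.
                    localStore.setEntry(str, found, new KeyStore.PasswordProtection(keyStorePassword));
                    out = new FileOutputStream(localFile);
                    localStore.store(out, keyStorePassword);
                    return found;
                }
            } catch (IOException e) {
                WLUtils.error("failed copying Device ID to application keystore", e);
            } finally {
                try {
                    if (in != null) {
                        in.close();
                    }
                } finally {
                    if (out != null) {
                        out.close();
                    }
                }
            }
        }
        return null;
    }
}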
