package com.samsung.android.scloud.keystore;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Base64;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class CertificateManager {
    private String CERT_ALGORITHM = "SHA256withRSA";
    private String LINE_SEPARATOR = System.getProperty("line.separator");
    private String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
    private String END_CERTIFICATE = "-----END CERTIFICATE-----";

    /* JADX INFO: Access modifiers changed from: package-private */
    public Certificate[] from(String str) throws IOException, CertificateException {
        StringBuilder sb = new StringBuilder();
        try {
            StringReader stringReader = new StringReader(str);
            try {
                BufferedReader bufferedReader = new BufferedReader(stringReader);
                try {
                    ArrayList arrayList = new ArrayList();
                    while (true) {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        }
                        if (this.BEGIN_CERTIFICATE.equals(readLine)) {
                            sb.setLength(0);
                        } else if (this.END_CERTIFICATE.equals(readLine)) {
                            arrayList.add(CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(sb.toString()))));
                            sb.setLength(0);
                        } else {
                            sb.append(readLine);
                        }
                    }
                    if (arrayList.size() <= 0) {
                        bufferedReader.close();
                        stringReader.close();
                        return null;
                    }
                    Certificate[] certificateArr = (Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]);
                    bufferedReader.close();
                    stringReader.close();
                    return certificateArr;
                } finally {
                }
            } catch (Throwable th) {
                try {
                    throw th;
                } catch (Throwable th2) {
                    try {
                        stringReader.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                    throw th2;
                }
            }
        } catch (IOException | CertificateException e) {
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String generatePKCS10(String str, KeyPair keyPair) throws IOException, OperatorCreationException {
        return new String(Base64.getEncoder().encode(new JcaPKCS10CertificationRequestBuilder(new X500Principal("CN=" + str + ", O=Samsung Electronics, OU=CSP, C=KR"), keyPair.getPublic()).build(new JcaContentSignerBuilder("SHA256WithRSA").build(keyPair.getPrivate())).getEncoded()), StandardCharsets.UTF_8);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] sign(byte[] bArr, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance(this.CERT_ALGORITHM);
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Certificate toCertificate(String str) throws CertificateException {
        return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(str)));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String toString(Certificate certificate) throws CertificateEncodingException {
        return this.BEGIN_CERTIFICATE + this.LINE_SEPARATOR + new String(Base64.getEncoder().encode(certificate.getEncoded()), StandardCharsets.UTF_8) + this.LINE_SEPARATOR + this.END_CERTIFICATE;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean verify(byte[] bArr, byte[] bArr2, String str) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, CertificateException {
        Certificate[] from = from(str);
        Signature signature = Signature.getInstance(this.CERT_ALGORITHM);
        signature.initVerify(from[0].getPublicKey());
        signature.update(bArr);
        return signature.verify(bArr2);
    }
}
