package com.honeywell.hsps.certificateservice;

import android.security.Credentials;
import android.security.KeyStore;
import android.util.Log;
import java.io.File;
import java.io.IOException;
import java.io.Serializable;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

/* loaded from: classes.dex */
public class CertificateServiceHelper {
    private static final int MAX_FILE_SIZE = 1000000;
    private static final String PKEY_MAP_KEY = "PKEY_MAP";
    private static final String TAG = CertificateServiceHelper.class.getSimpleName();

    /* loaded from: classes.dex */
    class MyMap extends LinkedHashMap<String, byte[]> implements Serializable {
        private static final long serialVersionUID = 1;

        private MyMap() {
        }

        @Override // java.util.LinkedHashMap
        protected boolean removeEldestEntry(Map.Entry<String, byte[]> entry) {
            return size() > 3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean deleteCredentials(KeyStore keyStore, String str) {
        Log.d(TAG, "deleteCredentials");
        boolean delKey = keyStore.delKey("USRPKEY_" + str) | keyStore.delete("USRCERT_" + str) | keyStore.delete("CACERT_" + str);
        if (!delKey) {
            Log.e(TAG, "deleteCredentials: deleteAllTypesForAlias failed");
        }
        return delKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map<String, byte[]> getPkeyMap(KeyStore keyStore) {
        Map<String, byte[]> map;
        byte[] bArr = keyStore.get(PKEY_MAP_KEY);
        return (bArr == null || (map = (Map) Util.fromBytes(bArr)) == null) ? new MyMap() : map;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean installCredentials(CredentialHelper credentialHelper, KeyStore keyStore) {
        Log.d(TAG, "installCredentials");
        try {
            if (credentialHelper.mUserKey != null) {
                String str = "USRPKEY_" + credentialHelper.getName();
                if (!keyStore.importKey(str, credentialHelper.mUserKey.getEncoded())) {
                    Log.e(TAG, "Failed to install " + str);
                    return false;
                }
                Log.i(TAG, "installCredentials: Installed Credentials.USER_PRIVATE_KEY");
            }
            if (credentialHelper.mUserCert != null) {
                String str2 = "USRCERT_" + credentialHelper.getName();
                if (!keyStore.put(str2, Credentials.convertToPem(new Certificate[]{credentialHelper.mUserCert}))) {
                    Log.e(TAG, "Failed to install " + str2);
                    return false;
                }
                Log.i(TAG, "installCredentials: Installed Credentials.USER_CERTIFICATE");
            }
            if (!credentialHelper.mCaCerts.isEmpty()) {
                String str3 = "CACERT_" + credentialHelper.getName();
                if (!keyStore.put(str3, Credentials.convertToPem((X509Certificate[]) credentialHelper.mCaCerts.toArray(new X509Certificate[credentialHelper.mCaCerts.size()])))) {
                    Log.e(TAG, "Failed to install " + str3);
                    return false;
                }
                Log.i(TAG, "installCredentials: Installed Credentials.CA_CERTIFICATE");
            }
            return true;
        } catch (IOException e) {
            Log.e(TAG, "installCredentials: IOException " + e);
            return false;
        } catch (CertificateEncodingException e2) {
            Log.e(TAG, "installCredentials: CertificateEncodingException " + e2);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isFileAcceptable(String str) {
        boolean z = str.endsWith(".crt") || str.endsWith(".p12") || str.endsWith(".cer") || str.endsWith(".pfx");
        if (!z) {
            Log.e(TAG, "isFileAcceptable: no");
        }
        return z;
    }

    public List<CertificateMetaData> listCredentials(KeyStore keyStore) {
        Log.d(TAG, "listCredentials");
        ArrayList arrayList = new ArrayList();
        Credentials.getInstance();
        String[] saw = KeyStore.getInstance().saw("USRCERT_");
        if (saw != null && saw.length > 0) {
            Log.i(TAG, "listCredentials: have Credentials.USER_CERTIFICATE");
            for (String str : saw) {
                Log.i(TAG, "listCredentials: cert " + str);
                try {
                    for (X509Certificate x509Certificate : Credentials.convertFromPem(keyStore.get("USRCERT_" + str))) {
                        arrayList.add(new CertificateMetaData(x509Certificate.getSerialNumber().toString(), x509Certificate.getSubjectDN().toString(), x509Certificate.getIssuerDN().toString(), x509Certificate.getNotBefore(), x509Certificate.getNotAfter(), str));
                    }
                } catch (IOException e) {
                    Log.e(TAG, "listCredentials: IOException " + e);
                } catch (CertificateException e2) {
                    Log.e(TAG, "listCredentials: CertificateException " + e2);
                }
            }
        }
        String[] saw2 = KeyStore.getInstance().saw("CACERT_");
        if (saw2 != null && saw2.length > 0) {
            Log.i(TAG, "listCredentials: have Credentials.CA_CERTIFICATE");
            for (String str2 : saw2) {
                Log.i(TAG, "listCredentials: cert " + str2);
                try {
                    for (X509Certificate x509Certificate2 : Credentials.convertFromPem(keyStore.get("CACERT_" + str2))) {
                        arrayList.add(new CertificateMetaData(x509Certificate2.getSerialNumber().toString(), x509Certificate2.getSubjectDN().toString(), x509Certificate2.getIssuerDN().toString(), x509Certificate2.getNotBefore(), x509Certificate2.getNotAfter(), str2));
                    }
                } catch (IOException e3) {
                    Log.e(TAG, "listCredentials: IOException " + e3);
                } catch (CertificateException e4) {
                    Log.e(TAG, "listCredentials: CertificateException " + e4);
                }
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] loadFile(String str) {
        File file = new File(str);
        if (!file.exists()) {
            return null;
        }
        if (file.length() < 1000000) {
            return Util.readFile(file);
        }
        Log.e(TAG, "loadFile: >= MAX_FILE_SIZE");
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void savePkeyMap(KeyStore keyStore, Map<String, byte[]> map) {
        if (map.isEmpty()) {
            if (keyStore.delete(PKEY_MAP_KEY)) {
                return;
            }
            Log.w(TAG, "savePkeyMap(): failed to delete pkey map");
        } else {
            if (keyStore.put(PKEY_MAP_KEY, Util.toBytes(map))) {
                return;
            }
            Log.w(TAG, "savePkeyMap(): failed to write pkey map");
        }
    }
}
