package net.shidawei.http;

import android.util.Log;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.Socket;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.Random;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.DERSequence;
import org.spongycastle.asn1.x500.X500NameBuilder;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.asn1.x509.ExtendedKeyUsage;
import org.spongycastle.asn1.x509.KeyPurposeId;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.jce.X509KeyUsage;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.jce.provider.JDKKeyStore;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public final class ModSSL {

    /* loaded from: classes.dex */
    public static final class CertificateFactory {
        private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
        public static final int DEFAULT_KEY_SIZE = 1024;

        public static KeyPair generateRSAKeyPair(int i) throws NoSuchAlgorithmException {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(i);
            return keyPairGenerator.genKeyPair();
        }

        public static X509Certificate generateRootCertificate(KeyPair keyPair, String str) throws NoSuchAlgorithmException, OperatorCreationException, CertificateException, KeyStoreException, UnrecoverableKeyException, IOException, InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException, InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
            X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
            x500NameBuilder.addRDN(BCStyle.CN, str);
            Calendar calendar = Calendar.getInstance();
            calendar.add(1, 1);
            ContentSigner build = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(keyPair.getPrivate());
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500NameBuilder.build(), new BigInteger(80, new Random()), new Date(System.currentTimeMillis() - 50000), calendar.getTime(), x500NameBuilder.build(), keyPair.getPublic());
            jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, new BasicConstraints(true));
            jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(128));
            jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new ExtendedKeyUsage(KeyPurposeId.id_kp_serverAuth));
            return new JcaX509CertificateConverter().setProvider(BC).getCertificate(jcaX509v3CertificateBuilder.build(build));
        }

        public static X509Certificate generateSignedCertificate(X509Certificate x509Certificate, PrivateKey privateKey, PublicKey publicKey, String str) throws NoSuchAlgorithmException, OperatorCreationException, CertificateException, KeyStoreException, UnrecoverableKeyException, IOException, InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException, InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
            X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
            x500NameBuilder.addRDN(BCStyle.CN, str);
            Calendar calendar = Calendar.getInstance();
            calendar.add(1, 1);
            ContentSigner build = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(privateKey);
            JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x509Certificate, new BigInteger(80, new Random()), new Date(System.currentTimeMillis() - 50000), calendar.getTime(), new X500Principal(x500NameBuilder.build().getEncoded()), publicKey);
            jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(32));
            jcaX509v3CertificateBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new DERSequence(KeyPurposeId.id_kp_serverAuth));
            return new JcaX509CertificateConverter().setProvider(BC).getCertificate(jcaX509v3CertificateBuilder.build(build));
        }
    }

    /* loaded from: classes.dex */
    public static final class X509KeyManager implements javax.net.ssl.X509KeyManager {
        public static final String TAG = "X509KeyManager";
        private final JDKKeyStore.BouncyCastleStore mKeyStore = new JDKKeyStore.BouncyCastleStore();
        private char[] mPassword;

        static {
            Security.addProvider(new BouncyCastleProvider());
        }

        private X509KeyManager() {
        }

        public X509KeyManager(char[] cArr, String str) throws Exception {
            this.mPassword = cArr;
            try {
                Log.d(TAG, "Generation of CA certificate...");
                KeyPair generateRSAKeyPair = CertificateFactory.generateRSAKeyPair(1024);
                this.mKeyStore.engineSetKeyEntry("root", generateRSAKeyPair.getPrivate(), this.mPassword, new Certificate[]{CertificateFactory.generateRootCertificate(generateRSAKeyPair, str)});
            } catch (Exception e) {
                Log.e(TAG, "Failed to generate certificate !");
                e.printStackTrace();
                throw e;
            }
        }

        public static synchronized X509KeyManager loadFromKeyStore(InputStream inputStream, char[] cArr) throws IOException {
            X509KeyManager x509KeyManager;
            synchronized (X509KeyManager.class) {
                Log.d(TAG, "Loading certificates from file...");
                x509KeyManager = new X509KeyManager();
                x509KeyManager.mKeyStore.engineLoad(inputStream, cArr);
                x509KeyManager.mPassword = cArr;
            }
            return x509KeyManager;
        }

        @Override // javax.net.ssl.X509KeyManager
        public synchronized String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            Log.d(TAG, "chooseClientAlias");
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public synchronized String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            String hostAddress;
            hostAddress = socket != null ? socket.getLocalAddress().getHostAddress() : "0.0.0.0";
            if (!str.equals("RSA")) {
                hostAddress = null;
            } else if (!this.mKeyStore.engineContainsAlias(hostAddress)) {
                try {
                    X509Certificate x509Certificate = (X509Certificate) this.mKeyStore.engineGetCertificate("root");
                    PrivateKey privateKey = (PrivateKey) this.mKeyStore.engineGetKey("root", this.mPassword);
                    KeyPair generateRSAKeyPair = CertificateFactory.generateRSAKeyPair(1024);
                    this.mKeyStore.engineSetKeyEntry(hostAddress, generateRSAKeyPair.getPrivate(), this.mPassword, new Certificate[]{CertificateFactory.generateSignedCertificate(x509Certificate, privateKey, generateRSAKeyPair.getPublic(), hostAddress)});
                } catch (Exception e) {
                    Log.e(TAG, "Failed to generate certificate for CN: " + hostAddress);
                    e.printStackTrace();
                    hostAddress = null;
                }
            }
            return hostAddress;
        }

        @Override // javax.net.ssl.X509KeyManager
        public synchronized X509Certificate[] getCertificateChain(String str) {
            return new X509Certificate[]{(X509Certificate) this.mKeyStore.engineGetCertificate(str), (X509Certificate) this.mKeyStore.engineGetCertificate("root")};
        }

        @Override // javax.net.ssl.X509KeyManager
        public synchronized String[] getClientAliases(String str, Principal[] principalArr) {
            Log.d(TAG, "getClientAliases");
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public synchronized PrivateKey getPrivateKey(String str) {
            PrivateKey privateKey;
            try {
                privateKey = (PrivateKey) this.mKeyStore.engineGetKey(str, this.mPassword);
            } catch (Exception e) {
                Log.d(TAG, "Alias: \"" + str + "\" not found in the keystore !");
                privateKey = null;
            }
            return privateKey;
        }

        @Override // javax.net.ssl.X509KeyManager
        public synchronized String[] getServerAliases(String str, Principal[] principalArr) {
            String[] strArr;
            Log.d(TAG, "getServersAliases");
            if (str.equals("RSA")) {
                int i = 0;
                Enumeration engineAliases = this.mKeyStore.engineAliases();
                strArr = new String[this.mKeyStore.engineSize()];
                while (true) {
                    int i2 = i;
                    if (!engineAliases.hasMoreElements()) {
                        break;
                    }
                    i = i2 + 1;
                    strArr[i2] = (String) engineAliases.nextElement();
                }
            } else {
                strArr = null;
            }
            return strArr;
        }

        public synchronized void saveToKeyStore(OutputStream outputStream, char[] cArr) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidParameterSpecException, InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, KeyStoreException, CertificateException, IOException {
            this.mKeyStore.engineStore(outputStream, cArr);
        }
    }
}
