package at.hale.fiscalslovenia.tax;

import android.content.Context;
import android.text.TextUtils;
import at.hale.fiscalslovenia.Metadata;
import com.netinformatika.pinktaxibeogradtg.R;
import com.netzarchitekten.tools.security.BaseAuthenticator;
import com.netzarchitekten.tools.security.TlsSocketFactory;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLSocketFactory;

/* loaded from: classes.dex */
public class Authenticator extends BaseAuthenticator {
    protected static Authenticator sInstance;
    protected String mCurrentEnv;
    protected PrivateKey mPrivateKey;
    protected X509Certificate mPublicCert;
    protected List<PublicKey> mServerPublicKeys;
    private static final String TESTING_ENV_CERT_OLD = "test-sign.cer";
    private static final String TESTING_ENV_CERT = "DavPotRacTEST.cer";
    private static final String[] TESTING_ENV_CERT_LIST = {TESTING_ENV_CERT_OLD, TESTING_ENV_CERT};
    private static final String PRODUCTION_ENV_CERT_OLD = "DavPotRac.cer";
    private static final String PRODUCTION_ENV_CERT = "DavPotRac_2020.cer";
    private static final String[] PRODUCTION_ENV_CERT_LIST = {PRODUCTION_ENV_CERT_OLD, PRODUCTION_ENV_CERT};
    private static final String[] CERT_FILES = {"sitest-ca.cer", "TaxCATest.cer", TESTING_ENV_CERT, TESTING_ENV_CERT_OLD, "test-tls.cer", "blagajne.fu.gov.si-20151110-20181111.cer", "blagajne.fu.gov.si-20181010-20210110.cer", PRODUCTION_ENV_CERT, PRODUCTION_ENV_CERT_OLD, "sigov-ca-20010110-20210110.crt", "sigov-ca-20160524-20351222.crt"};

    protected Authenticator(Context context) {
        super(context);
        this.mPrivateKey = null;
        this.mPublicCert = null;
        this.mServerPublicKeys = new ArrayList();
        this.mCurrentEnv = ConnectionFactory.PRODUCTION_ENV;
    }

    public static Authenticator getInstance(Context context) {
        if (sInstance == null) {
            sInstance = new Authenticator(context.getApplicationContext());
        }
        return sInstance;
    }

    public static void invalidateCache() {
        Authenticator authenticator = sInstance;
        if (authenticator != null) {
            authenticator.mSocketFactory = null;
            sInstance.mServerCertKeyStore = null;
            sInstance.mUserCertKeyStore = null;
            Authenticator authenticator2 = sInstance;
            authenticator2.mPrivateKey = null;
            authenticator2.mPublicCert = null;
        }
    }

    private static boolean isValid(Certificate certificate) {
        try {
            ((X509Certificate) certificate).checkValidity();
            return true;
        } catch (CertificateExpiredException e) {
            e.printStackTrace();
            return false;
        } catch (CertificateNotYetValidException e2) {
            e2.printStackTrace();
            return false;
        }
    }

    protected String[] getCertFiles() {
        return CERT_FILES;
    }

    public SSLSocketFactory getFactory() throws CertificateException {
        try {
            return build();
        } catch (IOException e) {
            throw new CertificateException(this.mContext.getString(R.id.alertTitle), e);
        } catch (KeyManagementException e2) {
            e = e2;
            throw new CertificateException(this.mContext.getString(R.id.BOTTOM_START), e);
        } catch (KeyStoreException e3) {
            e = e3;
            throw new CertificateException(this.mContext.getString(R.id.BOTTOM_START), e);
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            throw new CertificateException(this.mContext.getString(R.id.BOTTOM_START), e);
        } catch (UnrecoverableKeyException e5) {
            throw new CertificateException(this.mContext.getString(R.id.aboutDialogDeviceIdSection), e5);
        }
    }

    public PrivateKey getPrivateKey() throws CertificateException {
        if (this.mPrivateKey == null) {
            loadUserCert();
        }
        return this.mPrivateKey;
    }

    public X509Certificate getPublicCert() throws CertificateException {
        if (this.mPublicCert == null) {
            loadUserCert();
        }
        return this.mPublicCert;
    }

    public List<PublicKey> getServerPublicKeys(String str) throws CertificateException {
        if (this.mServerPublicKeys.isEmpty() || !this.mCurrentEnv.equals(str)) {
            this.mServerPublicKeys.clear();
            this.mCurrentEnv = str;
            String[] strArr = ConnectionFactory.TESTING_ENV.equals(str) ? TESTING_ENV_CERT_LIST : PRODUCTION_ENV_CERT_LIST;
            try {
                KeyStore underlyingKeyStore = getServerCertKeyStore().getUnderlyingKeyStore();
                for (String str2 : strArr) {
                    if (isValid(underlyingKeyStore.getCertificate(str2))) {
                        this.mServerPublicKeys.add(underlyingKeyStore.getCertificate(str2).getPublicKey());
                    }
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException e) {
                throw new CertificateException(this.mContext.getString(R.id.BOTTOM_END), e);
            }
        }
        return this.mServerPublicKeys;
    }

    protected String[] getSupportedProtocols() {
        return TlsSocketFactory.TLS_10_11_12;
    }

    protected InputStream getUserCertificate() throws FileNotFoundException {
        return Metadata.getInstance(this.mContext).getCertificate();
    }

    protected String getUserCertificatePassword() throws UnrecoverableKeyException {
        String certificatePassword = Metadata.getInstance(this.mContext).getCertificatePassword();
        if (TextUtils.isEmpty(certificatePassword)) {
            throw new UnrecoverableKeyException();
        }
        return certificatePassword;
    }

    protected void loadUserCert() throws CertificateException {
        try {
            KeyStore underlyingKeyStore = getUserCertKeyStore().getUnderlyingKeyStore();
            Iterator it = Collections.list(underlyingKeyStore.aliases()).iterator();
            while (it.hasNext()) {
                String str = (String) it.next();
                if (this.mPrivateKey == null && underlyingKeyStore.isKeyEntry(str) && (underlyingKeyStore.getKey(str, null) instanceof PrivateKey)) {
                    this.mPrivateKey = (PrivateKey) underlyingKeyStore.getKey(str, null);
                    KeyStore.Entry entry = underlyingKeyStore.getEntry(str, null);
                    if (entry instanceof KeyStore.PrivateKeyEntry) {
                        Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
                        if (certificate instanceof X509Certificate) {
                            this.mPublicCert = (X509Certificate) certificate;
                        }
                    }
                }
            }
            if (this.mPrivateKey == null || this.mPublicCert == null) {
                throw new CertificateException(this.mContext.getString(R.id.alertTitle));
            }
        } catch (IOException e) {
            e = e;
            throw new CertificateException(this.mContext.getString(R.id.alertTitle), e);
        } catch (KeyStoreException e2) {
            e = e2;
            throw new CertificateException(this.mContext.getString(R.id.BOTTOM_START), e);
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            throw new CertificateException(this.mContext.getString(R.id.BOTTOM_START), e);
        } catch (UnrecoverableEntryException e4) {
            e = e4;
            throw new CertificateException(this.mContext.getString(R.id.alertTitle), e);
        }
    }
}
