package kiwi.root.an2linuxclient.b;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import java.util.Random;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.spongycastle.asn1.x500.X500NameBuilder;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public final class c {
    public static final String[] a = {"TLSv1.2"};
    public static final String[] b = {"TLSv1"};
    public static final String[] c = {"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"};
    public static final String[] d = {"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"};
    public static final String[] e = {"TLS_DHE_RSA_WITH_AES_256_CBC_SHA"};

    public static SSLContext a() {
        try {
            SSLContext sSLContext = SSLContext.getInstance(a[0]);
            sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: kiwi.root.an2linuxclient.b.c.1
                @Override // javax.net.ssl.X509TrustManager
                public final void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public final void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public final X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }}, null);
            return sSLContext;
        } catch (Exception e2) {
            Log.getStackTraceString(e2);
            return null;
        }
    }

    public static SSLContext a(Context context, Certificate certificate) {
        try {
            SSLContext sSLContext = SSLContext.getInstance(a[0]);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, null);
            keyStore.setKeyEntry("key", a.a(context), "".toCharArray(), new Certificate[]{b(context)});
            keyStore.setCertificateEntry("serverCert", certificate);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, "".toCharArray());
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (Exception e2) {
            Log.getStackTraceString(e2);
            return null;
        }
    }

    public static SSLEngineResult.HandshakeStatus a(SSLEngine sSLEngine, ByteBuffer byteBuffer, OutputStream outputStream, InputStream inputStream) {
        try {
            ByteBuffer allocate = Build.VERSION.SDK_INT >= 20 ? ByteBuffer.allocate(0) : ByteBuffer.allocate(sSLEngine.getSession().getApplicationBufferSize());
            sSLEngine.wrap(allocate, byteBuffer);
            byteBuffer.flip();
            byte[] bArr = new byte[byteBuffer.limit()];
            byteBuffer.get(bArr);
            outputStream.write(kiwi.root.an2linuxclient.utils.a.a(bArr.length));
            outputStream.write(bArr);
            byte[] a2 = kiwi.root.an2linuxclient.utils.a.a(ByteBuffer.wrap(kiwi.root.an2linuxclient.utils.a.a(4, inputStream)).getInt(), inputStream);
            byteBuffer.clear();
            byteBuffer.put(a2);
            byteBuffer.flip();
            SSLEngineResult unwrap = sSLEngine.unwrap(byteBuffer, allocate);
            while (unwrap.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                unwrap = sSLEngine.unwrap(byteBuffer, allocate);
            }
            while (true) {
                Runnable delegatedTask = sSLEngine.getDelegatedTask();
                if (delegatedTask == null) {
                    break;
                }
                delegatedTask.run();
            }
            byteBuffer.clear();
            SSLEngineResult wrap = sSLEngine.wrap(allocate, byteBuffer);
            while (wrap.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_WRAP) {
                wrap = sSLEngine.wrap(allocate, byteBuffer);
            }
            byteBuffer.flip();
            byte[] bArr2 = new byte[byteBuffer.limit()];
            byteBuffer.get(bArr2);
            outputStream.write(kiwi.root.an2linuxclient.utils.a.a(bArr2.length));
            outputStream.write(bArr2);
            byte[] a3 = kiwi.root.an2linuxclient.utils.a.a(ByteBuffer.wrap(kiwi.root.an2linuxclient.utils.a.a(4, inputStream)).getInt(), inputStream);
            byteBuffer.clear();
            byteBuffer.put(a3);
            byteBuffer.flip();
            SSLEngineResult unwrap2 = sSLEngine.unwrap(byteBuffer, allocate);
            while (unwrap2.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NEED_UNWRAP) {
                unwrap2 = sSLEngine.unwrap(byteBuffer, allocate);
            }
            if (Build.VERSION.SDK_INT >= 20) {
                return unwrap2.getHandshakeStatus();
            }
            if (unwrap2.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.NOT_HANDSHAKING) {
                return SSLEngineResult.HandshakeStatus.FINISHED;
            }
            if (unwrap2.getHandshakeStatus() == SSLEngineResult.HandshakeStatus.FINISHED) {
                return unwrap2.getHandshakeStatus();
            }
            return null;
        } catch (IOException e2) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void a(SharedPreferences sharedPreferences, KeyPair keyPair) {
        Calendar calendar = Calendar.getInstance();
        calendar.add(5, -1);
        Date time = calendar.getTime();
        calendar.add(1, 10);
        Date time2 = calendar.getTime();
        X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        x500NameBuilder.addRDN(BCStyle.CN, "an2linuxclient");
        x500NameBuilder.addRDN(BCStyle.SERIALNUMBER, new BigInteger(128, new Random()).toString(16));
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500NameBuilder.build(), BigInteger.ONE, time, time2, x500NameBuilder.build(), keyPair.getPublic());
        try {
            X509Certificate certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(jcaX509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider("BC").build(keyPair.getPrivate())));
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString("certificate", Base64.encodeToString(certificate.getEncoded(), 2));
            edit.putBoolean("currently_generating", false);
            edit.apply();
        } catch (Exception e2) {
            Log.getStackTraceString(e2);
        }
    }

    public static byte[] a(Context context) {
        return Base64.decode(context.getSharedPreferences("device_key_and_cert", 0).getString("certificate", ""), 0);
    }

    public static byte[] a(Certificate certificate) {
        try {
            return certificate.getEncoded();
        } catch (CertificateEncodingException e2) {
            Log.getStackTraceString(e2);
            return null;
        }
    }

    public static byte[] a(SSLEngine sSLEngine, ByteBuffer byteBuffer, ByteBuffer byteBuffer2, byte[] bArr) {
        try {
            byteBuffer.clear();
            byteBuffer2.clear();
            byteBuffer.put(bArr);
            byteBuffer.flip();
            sSLEngine.wrap(byteBuffer, byteBuffer2);
            byteBuffer2.flip();
            byte[] bArr2 = new byte[byteBuffer2.limit()];
            byteBuffer2.get(bArr2);
            return bArr2;
        } catch (SSLException e2) {
            Log.getStackTraceString(e2);
            return null;
        }
    }

    private static X509Certificate b(Context context) {
        try {
            return new JcaX509CertificateConverter().setProvider("BC").getCertificate(new X509CertificateHolder(Base64.decode(context.getSharedPreferences("device_key_and_cert", 0).getString("certificate", ""), 0)));
        } catch (Exception e2) {
            Log.getStackTraceString(e2);
            return null;
        }
    }

    public static byte[] b(SSLEngine sSLEngine, ByteBuffer byteBuffer, ByteBuffer byteBuffer2, byte[] bArr) {
        try {
            byteBuffer.clear();
            byteBuffer2.clear();
            byteBuffer2.put(bArr);
            byteBuffer2.flip();
            int bytesConsumed = sSLEngine.unwrap(byteBuffer2, byteBuffer).bytesConsumed();
            while (bytesConsumed < bArr.length) {
                bytesConsumed += sSLEngine.unwrap(byteBuffer2, byteBuffer).bytesConsumed();
            }
            byteBuffer.flip();
            byte[] bArr2 = new byte[byteBuffer.limit()];
            byteBuffer.get(bArr2);
            return bArr2;
        } catch (SSLException e2) {
            Log.getStackTraceString(e2);
            return null;
        }
    }
}
