package com.limelight.binding.crypto;

import android.content.Context;
import android.util.Base64;
import com.limelight.HXSLog;
import com.limelight.UserData.HXSVmData;
import com.limelight.computers.ComputerManagerService;
import com.limelight.nvstream.http.LimelightCryptoProvider;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.StringWriter;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public class AndroidCryptoProvider implements LimelightCryptoProvider {
    public static final String BEGIN_PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----";
    public static final String END_PRIVATE_KEY = "-----END PRIVATE KEY-----";
    public static final String KEY_SHOULD_BE_REMOVED_BEGIN = "-----BEGIN RSA PRIVATE KEY-----";
    public static final String KEY_SHOULD_BE_REMOVED_END = "-----END RSA PRIVATE KEY-----";
    private X509Certificate cert;
    private final File certFile;
    private RSAPrivateKey key;
    private final File keyFile;
    private byte[] pemCertBytes;
    private static final Object globalCryptoLock = new Object();
    private static final Provider bcProvider = new BouncyCastleProvider();

    public AndroidCryptoProvider(Context context) {
        String absolutePath = context.getFilesDir().getAbsolutePath();
        this.certFile = new File(absolutePath + File.separator + "client.crt");
        this.keyFile = new File(absolutePath + File.separator + "client.key");
    }

    private boolean generateCertKeyPair() {
        byte[] bArr = new byte[8];
        new SecureRandom().nextBytes(bArr);
        try {
            Provider provider = bcProvider;
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", provider);
            keyPairGenerator.initialize(2048);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            Date date = new Date();
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(date);
            calendar.add(1, 20);
            Date time = calendar.getTime();
            BigInteger abs = new BigInteger(bArr).abs();
            X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
            x500NameBuilder.addRDN(BCStyle.CN, "NVIDIA GameStream Client");
            X500Name build = x500NameBuilder.build();
            X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(build, abs, date, time, Locale.ENGLISH, build, SubjectPublicKeyInfo.getInstance(generateKeyPair.getPublic().getEncoded()));
            try {
                this.cert = new JcaX509CertificateConverter().setProvider(provider).getCertificate(x509v3CertificateBuilder.build(new JcaContentSignerBuilder("SHA256withRSA").setProvider(provider).build(generateKeyPair.getPrivate())));
                this.key = (RSAPrivateKey) generateKeyPair.getPrivate();
                HXSLog.info("Generated a new key pair");
                saveCertKeyPair();
                return true;
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    private boolean loadCertKeyPair() {
        String str;
        ByteArrayInputStream byteArrayInputStream;
        InputStreamReader inputStreamReader;
        BufferedReader bufferedReader;
        byte[] loadFileToBytes = loadFileToBytes(this.certFile);
        byte[] loadFileToBytes2 = loadFileToBytes(this.keyFile);
        if (ComputerManagerService.BooleanResume) {
            try {
                loadFileToBytes = HXSVmData.certString.getBytes(Charset.forName("ISO_8859_1"));
                loadFileToBytes2 = HXSVmData.keyString.getBytes(Charset.forName("ISO_8859_1"));
            } catch (NullPointerException e) {
                e.printStackTrace();
            }
        } else if (loadFileToBytes != null) {
            try {
                String str2 = new String(loadFileToBytes2, Charset.forName("ISO_8859_1"));
                HXSVmData.certString = new String(Base64.decode(Base64.encodeToString(new String(loadFileToBytes, Charset.forName("ISO_8859_1")).getBytes(), 2), 2));
                HXSVmData.keyString = new String(Base64.decode(Base64.encodeToString(str2.getBytes(), 2), 2));
            } catch (IllegalArgumentException unused) {
            }
        }
        if (loadFileToBytes == null || loadFileToBytes2 == null) {
            HXSLog.info("Missing cert or key; need to generate a new one");
            return false;
        }
        try {
            byteArrayInputStream = new ByteArrayInputStream(loadFileToBytes2);
            inputStreamReader = new InputStreamReader(byteArrayInputStream);
            bufferedReader = new BufferedReader(inputStreamReader);
            StringBuilder sb = new StringBuilder();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                sb.append(readLine);
            }
            str = sb.toString();
        } catch (IOException e2) {
            e = e2;
            str = "";
        }
        try {
            bufferedReader.close();
            inputStreamReader.close();
            byteArrayInputStream.close();
        } catch (IOException e3) {
            e = e3;
            e.printStackTrace();
            byte[] decode = Base64.decode(str.replace(KEY_SHOULD_BE_REMOVED_BEGIN, "").replace(KEY_SHOULD_BE_REMOVED_END, "").replace(BEGIN_PRIVATE_KEY, "").replace(END_PRIVATE_KEY, ""), 2);
            Provider provider = bcProvider;
            this.cert = (X509Certificate) CertificateFactory.getInstance("X.509", provider).generateCertificate(new ByteArrayInputStream(loadFileToBytes));
            this.pemCertBytes = loadFileToBytes;
            this.key = (RSAPrivateKey) KeyFactory.getInstance("RSA", provider).generatePrivate(new PKCS8EncodedKeySpec(decode));
            return true;
        }
        try {
            byte[] decode2 = Base64.decode(str.replace(KEY_SHOULD_BE_REMOVED_BEGIN, "").replace(KEY_SHOULD_BE_REMOVED_END, "").replace(BEGIN_PRIVATE_KEY, "").replace(END_PRIVATE_KEY, ""), 2);
            Provider provider2 = bcProvider;
            this.cert = (X509Certificate) CertificateFactory.getInstance("X.509", provider2).generateCertificate(new ByteArrayInputStream(loadFileToBytes));
            this.pemCertBytes = loadFileToBytes;
            this.key = (RSAPrivateKey) KeyFactory.getInstance("RSA", provider2).generatePrivate(new PKCS8EncodedKeySpec(decode2));
            return true;
        } catch (NoSuchAlgorithmException e4) {
            throw new RuntimeException(e4);
        } catch (CertificateException unused2) {
            HXSLog.warning("Corrupted certificate");
            return false;
        } catch (InvalidKeySpecException unused3) {
            HXSLog.warning("Corrupted key");
            return false;
        }
    }

    private byte[] loadFileToBytes(File file) {
        if (!file.exists()) {
            return null;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            byte[] bArr = new byte[(int) file.length()];
            if (fileInputStream.read(bArr) != file.length()) {
                bArr = null;
            }
            fileInputStream.close();
            return bArr;
        } catch (IOException unused) {
            return null;
        }
    }

    private void saveCertKeyPair() {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.certFile);
            StringWriter stringWriter = new StringWriter();
            JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
            jcaPEMWriter.writeObject(this.cert);
            jcaPEMWriter.close();
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(fileOutputStream);
            String stringBuffer = stringWriter.getBuffer().toString();
            for (int i = 0; i < stringBuffer.length(); i++) {
                char charAt = stringBuffer.charAt(i);
                if (charAt != '\r') {
                    outputStreamWriter.append(charAt);
                }
            }
            outputStreamWriter.close();
            fileOutputStream.close();
            FileOutputStream fileOutputStream2 = new FileOutputStream(this.keyFile);
            StringWriter stringWriter2 = new StringWriter();
            JcaPEMWriter jcaPEMWriter2 = new JcaPEMWriter(stringWriter2);
            jcaPEMWriter2.writeObject(this.key);
            jcaPEMWriter2.close();
            OutputStreamWriter outputStreamWriter2 = new OutputStreamWriter(fileOutputStream2);
            String stringBuffer2 = stringWriter2.getBuffer().toString();
            for (int i2 = 0; i2 < stringBuffer2.length(); i2++) {
                char charAt2 = stringBuffer2.charAt(i2);
                if (charAt2 != '\r') {
                    outputStreamWriter2.append(charAt2);
                }
            }
            outputStreamWriter2.close();
            fileOutputStream2.close();
            HXSLog.info("Saved generated key pair to disk");
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    @Override // com.limelight.nvstream.http.LimelightCryptoProvider
    public String encodeBase64String(byte[] bArr) {
        return Base64.encodeToString(bArr, 2);
    }

    @Override // com.limelight.nvstream.http.LimelightCryptoProvider
    public X509Certificate getClientCertificate() {
        synchronized (globalCryptoLock) {
            X509Certificate x509Certificate = this.cert;
            if (x509Certificate != null) {
                return x509Certificate;
            }
            if (loadCertKeyPair()) {
                return this.cert;
            }
            if (!generateCertKeyPair()) {
                return null;
            }
            loadCertKeyPair();
            return this.cert;
        }
    }

    @Override // com.limelight.nvstream.http.LimelightCryptoProvider
    public RSAPrivateKey getClientPrivateKey() {
        synchronized (globalCryptoLock) {
            RSAPrivateKey rSAPrivateKey = this.key;
            if (rSAPrivateKey != null) {
                return rSAPrivateKey;
            }
            if (loadCertKeyPair()) {
                return this.key;
            }
            if (!generateCertKeyPair()) {
                return null;
            }
            loadCertKeyPair();
            return this.key;
        }
    }

    @Override // com.limelight.nvstream.http.LimelightCryptoProvider
    public byte[] getPemEncodedClientCertificate() {
        byte[] bArr;
        synchronized (globalCryptoLock) {
            getClientCertificate();
            bArr = this.pemCertBytes;
        }
        return bArr;
    }
}
