package net.metaquotes.metatrader5.terminal;

import android.content.Context;
import android.text.TextUtils;
import defpackage.a00;
import defpackage.in3;
import defpackage.lb3;
import defpackage.po2;
import defpackage.uq;
import defpackage.xx3;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.List;
import java.util.Map;
import net.metaquotes.tools.Journal;
import net.metaquotes.tools.Keep;
import net.metaquotes.ui.Publisher;

@Keep
/* loaded from: classes2.dex */
public abstract class TerminalCertificates extends TerminalNetwork {
    private static final int AUTH_RSA1024 = 1;
    private static final int AUTH_RSA2048 = 2;
    private final a _mCertBase;

    public TerminalCertificates(Context context) {
        super(context);
        StringBuilder v = in3.v(context);
        if (v != null) {
            v.append("keys.dat");
        }
        this._mCertBase = new a(v == null ? null : v.toString(), certToken());
    }

    public static native String certToken();

    @Keep
    private static byte[] certificateDataSign(long j, String str, byte[] bArr) {
        Terminal q = Terminal.q();
        if (q == null) {
            return null;
        }
        return ((TerminalCertificates) q)._mCertBase.p(j, str, bArr);
    }

    private static byte[] certificateDecrypt(long j, String str, byte[] bArr) {
        Terminal q = Terminal.q();
        if (q == null) {
            return null;
        }
        return ((TerminalCertificates) q)._mCertBase.e(j, str, bArr);
    }

    private static boolean certificateExist(long j) {
        Terminal q = Terminal.q();
        return (q == null || ((TerminalCertificates) q)._mCertBase.h(Long.toHexString(j)) == null) ? false : true;
    }

    @Keep
    private static byte[] certificateGet(long j) {
        Terminal q = Terminal.q();
        if (q == null) {
            return null;
        }
        X509Certificate h = ((TerminalCertificates) q)._mCertBase.h(Long.toHexString(j));
        if (h == null) {
            Publisher.publish(1011);
            return null;
        }
        try {
            return h.getEncoded();
        } catch (CertificateEncodingException e) {
            Journal.add("Terminal", "Can't encode certificate: %1$s", e.getMessage());
            return null;
        }
    }

    private static long certificateGetSerialNumber(String str, ByteBuffer byteBuffer) {
        Terminal q = Terminal.q();
        if (q == null) {
            return 0L;
        }
        return ((TerminalCertificates) q)._mCertBase.l(str, byteBuffer);
    }

    @Keep
    private static long certificateStore(String str, ByteBuffer byteBuffer, ByteBuffer byteBuffer2, byte[] bArr) {
        Terminal q = Terminal.q();
        if (q != null && byteBuffer != null && str != null) {
            try {
                return ((TerminalCertificates) q)._mCertBase.b(str, (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new uq(byteBuffer)), bArr);
            } catch (CertificateException e) {
                Journal.add("Terminal", "Certificate exception: %1$s", e.getMessage());
            }
        }
        return 0L;
    }

    private static boolean certificateValidate(ByteBuffer byteBuffer, byte[] bArr, byte[] bArr2) {
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new uq(byteBuffer));
            try {
                Signature signature = Signature.getInstance("SHA1withRSA");
                signature.initVerify(x509Certificate);
                signature.update(bArr);
                byte[] bArr3 = new byte[bArr2.length];
                for (int i = 0; i < bArr2.length; i++) {
                    bArr3[(bArr2.length - i) - 1] = bArr2[i];
                }
                return signature.verify(bArr3);
            } catch (InvalidKeyException e) {
                Journal.add("Terminal", "Invalid key: %1$s", e.getMessage());
                return false;
            } catch (NoSuchAlgorithmException e2) {
                Journal.add("Terminal", "Can't obtain signature instance: %1$s", e2.getMessage());
                return false;
            } catch (SignatureException e3) {
                Journal.add("Terminal", "Can't check signature: %1$s", e3.getMessage());
                return false;
            }
        } catch (CertificateException e4) {
            Journal.add("Terminal", "Certificate exception: %1$s", e4.getMessage());
            return false;
        }
    }

    private static boolean certificatesDelete(long j, String str) {
        Terminal q = Terminal.q();
        if (q == null) {
            return false;
        }
        return q.deleteCertificate(j, str);
    }

    private boolean deleteCertificate(long j, String str) {
        a00 findCertificateByLoginAndServer;
        a aVar = this._mCertBase;
        if (aVar == null || (findCertificateByLoginAndServer = findCertificateByLoginAndServer(aVar.i(), j, str)) == null) {
            return false;
        }
        X509Certificate a = findCertificateByLoginAndServer.a();
        boolean f = this._mCertBase.f(findCertificateByLoginAndServer.a);
        if (f && isCertificateIssuedFor(a, networkAccountLogin(), networkServerName())) {
            networkDisconnect();
        }
        return f;
    }

    private a00 findCertificateByLoginAndServer(List<a00> list, long j, String str) {
        if (list != null && j > 0 && str != null && !str.isEmpty()) {
            for (a00 a00Var : list) {
                if (isCertificateIssuedFor(a00Var.a(), j, str)) {
                    return a00Var;
                }
            }
        }
        return null;
    }

    private native int getKeyType();

    private boolean isCertificateIssuedFor(X509Certificate x509Certificate, long j, String str) {
        if (x509Certificate == null || j <= 0 || str == null || str.isEmpty()) {
            return false;
        }
        Map a = lb3.a(x509Certificate.getSubjectDN().toString());
        String str2 = (String) a.get("CN");
        String str3 = (String) a.get("OU");
        if (str2 == null || str2.isEmpty() || str3 == null || str3.isEmpty()) {
            return false;
        }
        if (!str2.startsWith(j + " -")) {
            return false;
        }
        StringBuilder sb = new StringBuilder();
        sb.append(str3);
        sb.append("-");
        return str.startsWith(sb.toString());
    }

    private native void keysClose();

    private native boolean setKeys(String str, byte[] bArr, byte[] bArr2);

    public native void accountHasPassword(boolean z);

    public boolean certificateGetInfo(InputStream inputStream, String str, List<a00> list) {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(inputStream, str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                if (certificateChain != null && certificateChain.length > 0) {
                    list.add(new a00(nextElement, (X509Certificate) certificateChain[0]));
                }
            }
            return true;
        } catch (IOException e) {
            Journal.add("KeyStore", "Can't load storage: %1$s (%2$s)", e.getMessage(), e.getClass().getSimpleName());
            return false;
        } catch (KeyStoreException e2) {
            Journal.add("KeyStore", "Can't open storage: %1$s (%2$s)", e2.getMessage(), e2.getClass().getSimpleName());
            return false;
        } catch (NoSuchAlgorithmException e3) {
            Journal.add("KeyStore", "Can't load storage: %1$s (%2$s)", e3.getMessage(), e3.getClass().getSimpleName());
            return false;
        } catch (CertificateException e4) {
            Journal.add("KeyStore", "Can't load storage: %1$s (%2$s)", e4.getMessage(), e4.getClass().getSimpleName());
            return false;
        }
    }

    public boolean certificatesDelete(String str) {
        X509Certificate h = this._mCertBase.h(str);
        if (h == null) {
            return false;
        }
        boolean f = this._mCertBase.f(str);
        if (f && isCertificateIssuedFor(h, networkAccountLogin(), networkServerName())) {
            networkDisconnect();
        }
        return f;
    }

    public boolean certificatesExport(OutputStream outputStream, String str, String str2) throws po2 {
        return this._mCertBase.g(outputStream, str, str2);
    }

    public List<a00> certificatesGet() {
        return this._mCertBase.i();
    }

    public boolean certificatesImport(InputStream inputStream, String str, String str2) {
        return this._mCertBase.c(inputStream, str, str2);
    }

    public void generateKeys(String str) {
        KeyPairGenerator keyPairGenerator;
        xx3.a();
        try {
            int keyType = getKeyType();
            if (keyType == 1) {
                keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(1024);
            } else {
                if (keyType != 2) {
                    return;
                }
                keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(2048);
            }
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            if (genKeyPair != null && !TextUtils.isEmpty(str)) {
                if (setKeys(str, genKeyPair.getPublic().getEncoded(), genKeyPair.getPrivate().getEncoded())) {
                    networkConnect();
                } else {
                    Journal.add("Terminal", "Can't set current key pair");
                }
            }
        } catch (NoSuchAlgorithmException e) {
            Journal.add("Terminal", "Can't generate key pair: %1$s", e.getMessage());
        }
    }

    @Override // net.metaquotes.metatrader5.terminal.TerminalNetwork
    protected boolean prepareConnection() {
        return true;
    }
}
