package com.nvidia.gsService.commChannel;

import com.nvidia.gsService.NvMjolnirClientCertificateInfo;
import com.nvidia.gsService.c0;
import com.nvidia.streamCommon.b.i;
import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Date;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import l.b.a.m2.t;
import l.b.a.s;
import l.b.f.h;

/* compiled from: GameStream */
/* loaded from: classes2.dex */
public class e {
    private static final com.nvidia.streamCommon.a a = new com.nvidia.streamCommon.a();
    private static X509Certificate b = null;

    /* renamed from: c, reason: collision with root package name */
    private static PrivateKey f2523c = null;

    /* renamed from: d, reason: collision with root package name */
    private static String f2524d = null;

    /* renamed from: e, reason: collision with root package name */
    private static String f2525e = null;

    /* renamed from: f, reason: collision with root package name */
    private static KeyManager[] f2526f = null;

    /* renamed from: g, reason: collision with root package name */
    private static X509Certificate f2527g = null;

    /* renamed from: h, reason: collision with root package name */
    private static boolean f2528h = false;

    /* renamed from: i, reason: collision with root package name */
    private static boolean f2529i = false;

    /* JADX INFO: Access modifiers changed from: protected */
    /* compiled from: GameStream */
    /* loaded from: classes2.dex */
    public static class a implements X509TrustManager {
        private c0 a;

        public a(c0 c0Var) {
            this.a = null;
            this.a = c0Var;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            boolean z = true;
            if (x509CertificateArr.length > 1) {
                e.a.b("PgcCertificateUtils", "PgcTrustManager::checkServerTrusted: Server certificate chain is longer than expected. Length = " + x509CertificateArr.length);
            }
            boolean z2 = false;
            if (this.a != null) {
                if (x509CertificateArr.length > 0) {
                    X509Certificate x509Certificate = x509CertificateArr[0];
                    try {
                        x509Certificate.verify(x509Certificate.getPublicKey());
                        StringBuilder sb = new StringBuilder();
                        sb.append(i.a(x509Certificate.getSignature()));
                        if (this.a.f(sb.toString()) == null) {
                            e.a.b("PgcCertificateUtils", "PgcTrustManager::checkServerTrusted cannot match sslCertHash = " + sb.toString().substring(0, Math.min(16, sb.toString().length())));
                            e.a("PgcCertificateUtils", "Server certificate: ", x509Certificate);
                        }
                    } catch (Exception e2) {
                        e.a.b("PgcCertificateUtils", "PgcTrustManager::checkServerTrusted X509Certificate.verify() exception ", e2);
                    }
                    z2 = z;
                }
                z = false;
                z2 = z;
            } else {
                e.a.b("PgcCertificateUtils", "PgcTrustManager::checkServerTrusted null mPgcDbHelper");
            }
            if (!z2) {
                throw new CertificateException("PgcTrustManager::checkServerTrusted failed");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    public static String a(X509Certificate x509Certificate) {
        return i.a(x509Certificate.getSignature());
    }

    public static X509Certificate a(String str) throws CertificateException {
        return a(b.a(str));
    }

    public static X509Certificate a(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    private static void a() {
        if (f2528h) {
            a.c("PgcCertificateUtils", "Pgc Certificate:");
            a.c("PgcCertificateUtils", new String(b.a(f2524d)));
            a.c("PgcCertificateUtils", "Pgc Certificate Hex:");
            a.c("PgcCertificateUtils", i.a(f2524d));
        }
    }

    public static void a(String str, String str2, X509Certificate x509Certificate) {
        String b2 = b(x509Certificate);
        if (b2 != null) {
            b2 = b2.replace("\n", " ");
        }
        i.a(str, str2, b2, 64);
    }

    public static synchronized boolean a(String str, c0 c0Var) {
        boolean a2;
        synchronized (e.class) {
            a2 = a(str, c0Var, (Boolean) false);
        }
        return a2;
    }

    public static synchronized boolean a(String str, c0 c0Var, Boolean bool) {
        synchronized (e.class) {
            boolean z = false;
            if ((f2528h && f2529i) || bool.booleanValue()) {
                a.a("PgcCertificateUtils", "deleting certificate from DB for new generation");
                c0Var.b();
                f2524d = null;
                f2525e = null;
                b = null;
                f2523c = null;
                f2526f = null;
                f2529i = false;
            } else if (f2525e != null && f2524d != null) {
                BigInteger serialNumber = b.getSerialNumber();
                if (serialNumber.compareTo(new BigInteger(e.b.e.i.c.a(str), 16)) == 0) {
                    return true;
                }
                a.c("PgcCertificateUtils", "Deleting certificate from database to regenerate  has ClientId = " + i.a(e.b.e.i.c.a(str)) + " SerialNumber from cert = " + i.a(serialNumber.toString(16)));
                c0Var.b();
            }
            NvMjolnirClientCertificateInfo l2 = c0Var.l();
            if (l2 != null) {
                String str2 = l2.b;
                f2525e = str2;
                f2524d = l2.f2416c;
                f2523c = b(b.a(str2));
                b = com.nvidia.streamCommon.b.a.a(b.a(f2524d));
                a();
                b();
                if (f2525e == null || f2524d == null || f2523c == null || b == null) {
                    a.b("PgcCertificateUtils", "X509 Certificate reload from DB failed");
                }
                z = g();
            }
            if (!z) {
                if (b(str)) {
                    a.c("PgcCertificateUtils", "Generated X509 Certificate");
                    NvMjolnirClientCertificateInfo nvMjolnirClientCertificateInfo = new NvMjolnirClientCertificateInfo(f2525e, f2524d);
                    c0Var.b();
                    if (c0Var.a(nvMjolnirClientCertificateInfo) == -1) {
                        a.b("PgcCertificateUtils", "X509 Certificate failed to store in database");
                    }
                } else {
                    a.b("PgcCertificateUtils", "X509Certificate generation error");
                }
                z = g();
            }
            return z;
        }
    }

    public static byte[] a(Object obj) {
        byte[] bArr = null;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            h hVar = new h(new PrintWriter(new BufferedWriter(new OutputStreamWriter(byteArrayOutputStream))));
            hVar.a(obj);
            hVar.flush();
            hVar.close();
            bArr = byteArrayOutputStream.toByteArray();
            byteArrayOutputStream.close();
            return bArr;
        } catch (Exception e2) {
            e2.printStackTrace();
            return bArr;
        }
    }

    public static synchronized KeyManager[] a(X509Certificate x509Certificate, PrivateKey privateKey) {
        KeyManager[] keyManagerArr;
        synchronized (e.class) {
            if (f2527g == null || !x509Certificate.equals(f2527g)) {
                try {
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(null, null);
                    keyStore.setCertificateEntry("GameStreamCertificate", x509Certificate);
                    keyStore.setKeyEntry("GameStreamKey", privateKey, null, new X509Certificate[]{x509Certificate});
                    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                    keyManagerFactory.init(keyStore, null);
                    f2526f = keyManagerFactory.getKeyManagers();
                    f2527g = x509Certificate;
                } catch (Exception e2) {
                    e2.printStackTrace();
                }
                if (f2526f == null) {
                    a.a("PgcCertificateUtils", "No KeyManager[] retrieved");
                } else {
                    a.a("PgcCertificateUtils", "KeyManager[] retrieved");
                }
            }
            keyManagerArr = f2526f;
        }
        return keyManagerArr;
    }

    public static TrustManager[] a(c0 c0Var) {
        return new TrustManager[]{new a(c0Var)};
    }

    public static String b(Object obj) {
        String str = null;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            h hVar = new h(new PrintWriter(new BufferedWriter(new OutputStreamWriter(byteArrayOutputStream))));
            hVar.a(obj);
            hVar.flush();
            hVar.close();
            str = byteArrayOutputStream.toString("UTF-8");
            byteArrayOutputStream.close();
            return str;
        } catch (Exception e2) {
            e2.printStackTrace();
            return str;
        }
    }

    private static PrivateKey b(byte[] bArr) {
        PrivateKey privateKey = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            privateKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(((l.b.f.e) new l.b.f.g(new InputStreamReader(byteArrayInputStream)).k()).a().e()));
            byteArrayInputStream.close();
            return privateKey;
        } catch (Exception e2) {
            e2.printStackTrace();
            return privateKey;
        }
    }

    private static void b() {
        if (f2528h) {
            a.c("PgcCertificateUtils", "Pgc Private Key:");
            a.c("PgcCertificateUtils", new String(b.a(f2525e)));
            a.c("PgcCertificateUtils", "Pgc Private Key Hex:");
            a.c("PgcCertificateUtils", i.a(f2525e));
        }
    }

    private static boolean b(String str) {
        boolean z = false;
        try {
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048, secureRandom);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey = generateKeyPair.getPublic();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            X509Certificate a2 = new l.b.b.g.e().a(new l.b.b.f(new l.b.a.l2.c("CN=NVIDIA GameStream Client"), new BigInteger(e.b.e.i.c.a(str), 16), new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + 622080000000L), new l.b.a.l2.c("CN=NVIDIA GameStream Client"), new t(s.a((Object) publicKey.getEncoded()))).a(new l.b.g.g.a("SHA256WithRSAEncryption").a(privateKey)));
            b = a2;
            f2523c = privateKey;
            byte[] a3 = a((Object) a2);
            if (a3 == null) {
                a.b("PgcCertificateUtils", "X509Certificate null");
            } else {
                f2524d = i.a(a3);
                byte[] a4 = a(privateKey);
                if (a4 == null) {
                    a.b("PgcCertificateUtils", "RSAPrivateKey null");
                } else {
                    f2525e = i.a(a4);
                    a();
                    b();
                    z = true;
                }
            }
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return z;
    }

    public static String c() {
        return f2524d;
    }

    public static X509Certificate d() {
        return b;
    }

    public static KeyManager[] e() {
        PrivateKey privateKey;
        X509Certificate x509Certificate = b;
        if (x509Certificate != null && (privateKey = f2523c) != null) {
            return a(x509Certificate, privateKey);
        }
        a.b("PgcCertificateUtils", "PgcCertificateUtils GetPgcKeyManagers returns null");
        return null;
    }

    public static PrivateKey f() {
        return f2523c;
    }

    public static boolean g() {
        PrivateKey privateKey;
        if (f2525e == null || f2524d == null || (privateKey = f2523c) == null || b == null || !(privateKey instanceof RSAPrivateKey)) {
            a.e("PgcCertificateUtils", "PrivateKey/Cert components incomplete");
            return false;
        }
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) privateKey;
        if (rSAPrivateKey.getModulus().bitLength() >= 2048) {
            a.c("PgcCertificateUtils", "All PrivateKey/Cert checkings are good, prikeyBitlen=" + rSAPrivateKey.getModulus().bitLength());
            return true;
        }
        a.e("PgcCertificateUtils", "Key length " + rSAPrivateKey.getModulus().bitLength() + " is too short");
        return false;
    }
}
