package com.amazon.coral.util.security;

import com.amazon.coral.internal.org.bouncycastle.asn1.x500.C$X500Name;
import com.amazon.coral.internal.org.bouncycastle.cert.jcajce.C$JcaX509CertificateConverter;
import com.amazon.coral.internal.org.bouncycastle.cert.jcajce.C$JcaX509v3CertificateBuilder;
import com.amazon.coral.internal.org.bouncycastle.operator.C$OperatorCreationException;
import com.amazon.coral.internal.org.bouncycastle.operator.jcajce.C$JcaContentSignerBuilder;
import com.amazon.identity.auth.device.api.MAPAccountManager;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Date;

/* loaded from: classes3.dex */
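/**
 * {@link KeystoreFactory} that creates throw-away keystores on disk and reuses them between calls.
 *
 * <p>Each keystore holds one freshly generated 2048-bit RSA key pair and a self-signed X.509
 * certificate (issuer and subject are the same fixed name, signed with SHA256WithRSA, valid for
 * 90 days). Keystores are stored under the directory returned by {@link #getCacheLocation()}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The keystore password is a fixed compile-time constant that is also returned by
 *       {@link Keystore#getKeystorePassword()}. It offers no confidentiality for the private key;
 *       file-system permissions are the only protection, so the keystore file is restricted to
 *       its owner before the key is written.</li>
 *   <li>An existing file is accepted as soon as it loads with that constant password. Anyone able
 *       to write to the cache directory could therefore supply a keystore of their choosing.
 *       Deployments on multi-user hosts should point the system property named after the
 *       {@code Keystore} class at a directory only the service account can write to.</li>
 * </ul>
 */
public class TemporaryKeystoreFactory implements KeystoreFactory {
    // NOTE(review): this is decompiled output; the reference to MAPAccountManager looks like the
    // decompiler substituting a constant with a matching value for a plain literal - confirm.
    // Either way the password is fixed at compile time and must not be treated as a secret.
    private static final char[] TEMPORARY_PASSWORD = MAPAccountManager.KEY_AMAZON_ACCOUNT_PASSWORD.toCharArray();

    private static final int RSA_KEY_BITS = 2048;
    private static final long CERTIFICATE_VALIDITY_DAYS = 90L;

    /**
     * Generates a new RSA key pair with a self-signed certificate and writes it to {@code file}
     * as a keystore of the platform default type, protected by {@link #TEMPORARY_PASSWORD}.
     *
     * @param str alias under which the key entry is stored
     * @param file destination file; its parent directory is created when missing
     * @throws RuntimeException wrapping any failure (directory creation, key generation,
     *     certificate creation or I/O, including a failed close of the output stream)
     */
    private void createKeystore(String str, File file) {
        try {
            File directory = file.getParentFile();
            // mkdirs() returns false when the directory already exists, hence the second check.
            if (!directory.mkdirs() && !directory.isDirectory()) {
                throw new IllegalStateException("Could not create directory " + directory.getAbsolutePath() + " for temporary keystore");
            }

            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(RSA_KEY_BITS);
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            X509Certificate[] chain = {generateCertificate(keyPair)};

            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null, TEMPORARY_PASSWORD);
            keyStore.setKeyEntry(str, keyPair.getPrivate(), TEMPORARY_PASSWORD, chain);

            // Create the (empty) file and tighten its permissions BEFORE any key material is
            // written, so the private key is never on disk with default permissions. The return
            // value is irrelevant: false only means the file already existed (temp-file case).
            file.createNewFile();
            restrictToOwner(file);

            // try-with-resources: a failed close can mean a truncated keystore, so it must
            // surface as an error instead of being swallowed.
            try (FileOutputStream out = new FileOutputStream(file)) {
                keyStore.store(out, TEMPORARY_PASSWORD);
            }
        } catch (Throwable th) {
            // Kept as Throwable to preserve the existing contract: every failure reaches the
            // caller as a RuntimeException carrying the original cause.
            throw new RuntimeException(th);
        }
    }

    /**
     * Best-effort restriction of {@code target} to read/write for its owner only.
     *
     * <p>The {@code File} permission setters return {@code false} on file systems that do not
     * support the requested change; that is tolerated here because the keystore was already
     * being written with default permissions before this hardening existed.
     */
    private static void restrictToOwner(File target) {
        // Revoke for everybody first, then grant back to the owner only.
        target.setReadable(false, false);
        target.setWritable(false, false);
        target.setExecutable(false, false);
        target.setReadable(true, true);
        target.setWritable(true, true);
    }

    /**
     * Builds a self-signed X.509 v3 certificate for {@code keyPair}.
     *
     * <p>Issuer and subject are the same fixed distinguished name, the serial number is a random
     * 64-bit value, and the validity window runs from now for 90 days.
     *
     * @param keyPair key pair whose public key is certified and whose private key signs
     * @return the generated certificate
     * @throws CertificateException if the content signer cannot be created or conversion fails
     */
    private static X509Certificate generateCertificate(KeyPair keyPair) throws CertificateException {
        C$X500Name name = new C$X500Name(String.format("CN=%s, OU=%s, O=%s, L=%s, ST=%s, C=%s", "Amazon.com", "Amazon.com", "Amazon.com", "Seattle", "WA", "US"));
        Instant notBefore = Instant.now();
        Instant notAfter = notBefore.plus(CERTIFICATE_VALIDITY_DAYS, ChronoUnit.DAYS);
        BigInteger serial = new BigInteger(64, new SecureRandom());
        try {
            C$JcaX509v3CertificateBuilder builder = new C$JcaX509v3CertificateBuilder(
                    name, serial, Date.from(notBefore), Date.from(notAfter), name, keyPair.getPublic());
            return new C$JcaX509CertificateConverter().getCertificate(
                    builder.build(new C$JcaContentSignerBuilder("SHA256WithRSA").build(keyPair.getPrivate())));
        } catch (C$OperatorCreationException e) {
            throw new CertificateException(e);
        }
    }

    /**
     * Resolves the directory that holds the cached keystores.
     *
     * <p>The system property named after the {@code Keystore} class wins when set. Otherwise the
     * location is {@code <java.io.tmpdir>/.<Keystore class name>/<hex hash of user.dir>}.
     * The default path is predictable and, depending on the platform, may sit in a temp
     * directory shared with other local users.
     */
    private static File getCacheLocation() {
        String propertyName = Keystore.class.getName();
        String configured = System.getProperty(propertyName);
        if (configured != null) {
            return new File(configured);
        }
        File base = new File(System.getProperty("java.io.tmpdir"), "." + propertyName);
        String workingDirHash = String.format("%x", System.getProperty("user.dir").hashCode());
        return new File(new File(base, workingDirHash).getPath());
    }

    /**
     * Reports whether {@code file} exists and loads as a keystore with {@link #TEMPORARY_PASSWORD}.
     *
     * <p>Only loadability is checked. The alias, the certificate's validity period and the
     * origin of the file are not verified, so an expired or externally supplied keystore that
     * uses the same password is reported as usable.
     *
     * @return {@code true} when the file loads cleanly; {@code false} when it is missing or any
     *     error occurs while opening, loading or closing it
     */
    private boolean isKeystoreUsable(File file) {
        if (!file.exists()) {
            return false;
        }
        try (FileInputStream in = new FileInputStream(file)) {
            KeyStore.getInstance(KeyStore.getDefaultType()).load(in, TEMPORARY_PASSWORD);
            return true;
        } catch (Throwable th) {
            // Unreadable, corrupt or wrong-password files simply count as "not usable".
            return false;
        }
    }

    /**
     * Returns a keystore for {@code charSequence}, reusing {@code <cache>/<name>.jks} when it
     * loads and creating a new one otherwise.
     *
     * <p>When the cached file exists but cannot be loaded it is left in place and a new,
     * uniquely named file is created next to it. The name is also used as the key alias.
     *
     * <p>The name is concatenated into the file path without validation; callers should pass
     * only trusted names that contain no path separators.
     *
     * <p>NOTE(review): the file gets a {@code .jks} extension although the keystore is created
     * with the platform default type - confirm consumers do not assume JKS.
     *
     * @param charSequence keystore name, must not be {@code null}
     * @return handle exposing the keystore file and its (fixed) password
     * @throws IllegalArgumentException if {@code charSequence} is {@code null}
     * @throws RuntimeException if the replacement file or the keystore cannot be created
     */
    @Override
    public Keystore newKeystore(CharSequence charSequence) {
        if (charSequence == null) {
            throw new IllegalArgumentException();
        }
        File target = new File(getCacheLocation(), charSequence + ".jks");
        boolean mustCreate = true;
        if (target.exists()) {
            if (isKeystoreUsable(target)) {
                mustCreate = false;
            } else {
                try {
                    // Do not overwrite the unusable file; write to a fresh sibling instead.
                    target = File.createTempFile(charSequence.toString(), ".jks", target.getParentFile());
                } catch (Throwable th) {
                    throw new RuntimeException(th);
                }
            }
        }
        if (mustCreate) {
            createKeystore(charSequence.toString(), target);
        }
        final File keystoreFile = target;
        return new Keystore() {
            private final String password = new String(TemporaryKeystoreFactory.TEMPORARY_PASSWORD);

            @Override
            public File getKeystoreFile() {
                return keystoreFile;
            }

            @Override
            public CharSequence getKeystorePassword() {
                return this.password;
            }
        };
    }
}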
