package com.google.android.gms.cast.b;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.IOException;
import java.math.BigInteger;
import java.net.Socket;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.GregorianCalendar;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public final class d implements X509KeyManager {

    /* renamed from: a, reason: collision with root package name */
    private static final com.google.android.gms.cast.e.h f8324a = new com.google.android.gms.cast.e.h("CastClientAuthKeyManager");

    /* renamed from: b, reason: collision with root package name */
    private static final int f8325b = ((Long) com.google.android.gms.cast.a.b.f8229h.c()).intValue();

    /* renamed from: g, reason: collision with root package name */
    private static d f8326g = null;

    /* renamed from: c, reason: collision with root package name */
    private final Context f8327c;

    /* renamed from: d, reason: collision with root package name */
    private KeyStore f8328d;

    /* renamed from: e, reason: collision with root package name */
    private KeyStore.PrivateKeyEntry f8329e;

    /* renamed from: f, reason: collision with root package name */
    private byte[] f8330f;

    private d(Context context) {
        this.f8328d = null;
        this.f8327c = context;
        try {
            this.f8328d = KeyStore.getInstance("AndroidKeyStore");
            this.f8328d.load(null);
        } catch (IOException e2) {
            f8324a.d(e2, "Can't retrieve keystore", new Object[0]);
        } catch (KeyStoreException e3) {
            f8324a.d(e3, "Can't retrieve keystore", new Object[0]);
        } catch (NoSuchAlgorithmException e4) {
            f8324a.d(e4, "Can't retrieve keystore", new Object[0]);
        } catch (CertificateException e5) {
            f8324a.d(e5, "Can't retrieve keystore", new Object[0]);
        }
    }

    public static d a(Context context) {
        if (f8326g == null) {
            f8326g = new d(context);
        }
        return f8326g;
    }

    private void b() {
        for (int i2 = 0; i2 < 3; i2++) {
            try {
                f8324a.g("Attempting to retrieve client auth cert.", new Object[0]);
                this.f8330f = null;
                this.f8329e = (KeyStore.PrivateKeyEntry) this.f8328d.getEntry("cast_nearby_client_auth", null);
                if (this.f8329e == null) {
                    f8324a.g("Attempting to create a new client auth cert.", new Object[0]);
                    f8324a.g("Creating a new privatekey pair for Cast auth.", new Object[0]);
                    GregorianCalendar gregorianCalendar = new GregorianCalendar();
                    GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                    gregorianCalendar2.add(12, f8325b);
                    KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.f8327c).setAlias("cast_nearby_client_auth").setSubject(new X500Principal("CN=cast_nearby_client_auth")).setSerialNumber(new BigInteger(512, new SecureRandom())).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                    keyPairGenerator.initialize(build);
                    keyPairGenerator.generateKeyPair();
                } else {
                    Certificate certificate = this.f8329e.getCertificate();
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    if (x509Certificate != null) {
                        x509Certificate.checkValidity(new Date(new Date().getTime() + 60000));
                        this.f8330f = MessageDigest.getInstance("SHA-256").digest(certificate.getPublicKey().getEncoded());
                        f8324a.g("successfully created hash of public key. %s", Base64.encode(this.f8330f, 0));
                        return;
                    } else if (!c()) {
                        return;
                    }
                }
            } catch (RuntimeException e2) {
                f8324a.e(e2, "RuntimeExeception detected.", new Object[0]);
                if (!c()) {
                    return;
                } else {
                    f8324a.b(e2, "deleting key and regenerating.", new Object[0]);
                }
            } catch (InvalidAlgorithmParameterException e3) {
                f8324a.d(e3, "invalid algorithm parameter.", new Object[0]);
                return;
            } catch (KeyStoreException e4) {
                f8324a.d(e4, "unable to use key from keystore.", new Object[0]);
                return;
            } catch (NoSuchAlgorithmException e5) {
                f8324a.d(e5, "No algorithm available.", new Object[0]);
                return;
            } catch (NoSuchProviderException e6) {
                f8324a.d(e6, "no provider.", new Object[0]);
                return;
            } catch (UnrecoverableEntryException e7) {
                f8324a.e(e7, "UnrecoverableEntryException detected.", new Object[0]);
                if (!c()) {
                    return;
                } else {
                    f8324a.b(e7, "deleting key and regenerating.", new Object[0]);
                }
            } catch (CertificateExpiredException e8) {
                if (!c()) {
                    return;
                } else {
                    f8324a.b(e8, "deleting key and regenerating.", new Object[0]);
                }
            } catch (CertificateNotYetValidException e9) {
                if (!c()) {
                    return;
                } else {
                    f8324a.b(e9, "deleting key and regenerating.", new Object[0]);
                }
            }
        }
    }

    private boolean c() {
        try {
            f8324a.c("Deleting key %s.", "cast_nearby_client_auth");
            this.f8328d.deleteEntry("cast_nearby_client_auth");
            return true;
        } catch (KeyStoreException e2) {
            f8324a.d(e2, "unable to delete key from keystore.", new Object[0]);
            return false;
        }
    }

    public final byte[] a() {
        b();
        return this.f8330f;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return "cast_nearby_client_auth";
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final X509Certificate[] getCertificateChain(String str) {
        b();
        return this.f8329e != null ? (X509Certificate[]) this.f8329e.getCertificateChain() : new X509Certificate[0];
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getClientAliases(String str, Principal[] principalArr) {
        return new String[]{"cast_nearby_client_auth"};
    }

    @Override // javax.net.ssl.X509KeyManager
    public final PrivateKey getPrivateKey(String str) {
        b();
        if (this.f8329e != null) {
            return this.f8329e.getPrivateKey();
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getServerAliases(String str, Principal[] principalArr) {
        return new String[0];
    }
}
