package com.sevenprinciples.android.mdm.safeclient.thirdparty.samsung;

import com.google.common.base.Ascii;
import com.microsoft.identity.common.java.providers.oauth2.OpenIdProviderConfiguration;
import com.samsung.android.knox.keystore.CertificateInfo;
import com.sevenprinciples.android.mdm.safeclient.base.Constants;
import com.sevenprinciples.android.mdm.safeclient.base.logger.AppLog;
import com.sevenprinciples.android.mdm.safeclient.security.ThreadSafeEncryptedNoSQLStorage;
import com.yubico.yubikit.core.fido.CtapException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import java.util.TimeZone;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class CertificateHelper {
    private static final String TAG = Constants.TAG_PREFFIX + "CH";

    public static String getThumbPrint(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.update(x509Certificate.getEncoded());
        return hexify(messageDigest.digest());
    }

    public static String getValByAttributeTypeFromDN(String str, String str2) {
        String str3;
        for (String str4 : str.split(",")) {
            if (str4.contains(str2) && (str3 = str4.trim().split("=")[1]) != null) {
                return str3.trim();
            }
        }
        return "";
    }

    private static String hexify(byte[] bArr) {
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            sb.append(cArr[(b & CtapException.ERR_VENDOR_FIRST) >> 4]);
            sb.append(cArr[b & Ascii.SI]);
        }
        return sb.toString();
    }

    public static String loadCA(String str) {
        return ThreadSafeEncryptedNoSQLStorage.getInstance().getString("ca_cert." + str, null);
    }

    public static void storeCA(String str, String str2) {
        ThreadSafeEncryptedNoSQLStorage.getInstance().setString("ca_cert." + str, str2);
    }

    public static JSONObject toJson(SecurityPolicy securityPolicy, CertificateInfo certificateInfo, X509Certificate x509Certificate, boolean z) {
        JSONObject jSONObject = new JSONObject();
        try {
            SafeCompatibilityLayer.certificateToJson(jSONObject, certificateInfo, securityPolicy, z);
            jSONObject.put("type", x509Certificate.getType());
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.US);
            simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
            jSONObject.put("validTo", simpleDateFormat.format(new Date(x509Certificate.getNotAfter().getTime())));
            jSONObject.put("validFrom", simpleDateFormat.format(new Date(x509Certificate.getNotBefore().getTime())));
            if (x509Certificate.getSubjectDN() != null) {
                jSONObject.put("subject", x509Certificate.getSubjectDN().getName());
                jSONObject.put("subjectCN", getValByAttributeTypeFromDN(x509Certificate.getSubjectDN().getName(), "CN="));
            }
            if (x509Certificate.getIssuerDN() != null) {
                jSONObject.put(OpenIdProviderConfiguration.SerializedNames.ISSUER, x509Certificate.getIssuerDN().getName());
                jSONObject.put("issuerCN", getValByAttributeTypeFromDN(x509Certificate.getIssuerDN().getName(), "CN="));
            }
            jSONObject.put("hash", getThumbPrint(x509Certificate));
        } catch (Throwable th) {
            AppLog.e(TAG, th.getMessage(), th);
        }
        return jSONObject;
    }
}
