package com.amazon.cloud9.kids.webserver;

import android.util.Log;
import com.amazon.awsauth.MetricHelperFactory;
import java.io.File;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.UUID;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.TBSCertificate;
import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
import org.bouncycastle.cert.CertUtils;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.NamedCertHelper;
import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.OperatorHelper;
import org.nanohttpd.webserver.SimpleWebServer;

/* loaded from: classes.dex */
public class WebServer extends SimpleWebServer {
    private static final String JCA_CONTENT_SIGNER_ALGORITHM = "SHA1withRSA";
    private static final String KEY_PAIR_GENERATOR_CRYPTO_SUITE = "RSA";
    private static final String KEY_SET_ENTRY_ID = "selfsigned";
    private static final long ONE_THOUSAND_DAYS_IN_MILLIS = 86400000000L;
    private static final String SECURITY_PROVIDER_NAME = "BC";
    private static final String SELF_SIGNED_X509_CA = "C=us,ST=localhost,L=localhost,O=Cloud9Kids.selfsigned,OU=localhost,CN=localhost";
    private static final int SSL_DEFAULT_KEY_PAIR_SIZE = 2048;
    private static final int SSL_SERVER_TIMEOUT = 10000;
    public static final String SSL_TRUSTED_HOSTNAME = "localhost";
    private static final String SSL_TRUSTED_IP = "127.0.0.1";
    private static final char[] SSL_TRUST_KEY = UUID.randomUUID().toString().toCharArray();
    private static final String TAG = "Cloud9KidsWebServer";
    private static final String TLS_CONTEXT_CYPHER_SUITE = "TLSv1.2";
    private SSLContext ctx;
    private byte[] generatedAndroidKeystore;
    private final MetricHelperFactory metricHelperFactory;
    private final String sslSourceType;

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public WebServer(Integer num, File file, String str, MetricHelperFactory metricHelperFactory) {
        super(SSL_TRUSTED_HOSTNAME, num.intValue(), file, true);
        this.sslSourceType = str;
        this.metricHelperFactory = metricHelperFactory;
        try {
            this.generatedAndroidKeystore = generateDefaultAndroidDebugKeystore();
        } catch (Exception e) {
            Log.e(TAG, "There was an error while generating certificate", e);
        }
    }

    private static X509Certificate generateCertificate(KeyPair keyPair) throws OperatorCreationException, CertificateException, InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, IOException {
        JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(new X500Name(SELF_SIGNED_X509_CA), new BigInteger(64, new SecureRandom()), new Date(), new Date(System.currentTimeMillis() + ONE_THOUSAND_DAYS_IN_MILLIS), new X500Name(SELF_SIGNED_X509_CA), keyPair.getPublic());
        ArrayList arrayList = new ArrayList();
        arrayList.add(new GeneralName(2, SSL_TRUSTED_HOSTNAME));
        arrayList.add(new GeneralName(7, SSL_TRUSTED_IP));
        ASN1Encodable dERSequence = new DERSequence((ASN1Encodable[]) arrayList.toArray(new GeneralName[0]));
        CertUtils.addExtension$3b6e020f(jcaX509v3CertificateBuilder.extGenerator, Extension.subjectAlternativeName, dERSequence instanceof GeneralNames ? (GeneralNames) dERSequence : new GeneralNames(ASN1Sequence.getInstance(dERSequence)));
        JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(JCA_CONTENT_SIGNER_ALGORITHM);
        jcaContentSignerBuilder.helper = new OperatorHelper(new NamedJcaJceHelper(SECURITY_PROVIDER_NAME));
        ContentSigner build = jcaContentSignerBuilder.build(keyPair.getPrivate());
        jcaX509v3CertificateBuilder.tbsGen.signature = build.getAlgorithmIdentifier();
        if (!jcaX509v3CertificateBuilder.extGenerator.extOrdering.isEmpty()) {
            V3TBSCertificateGenerator v3TBSCertificateGenerator = jcaX509v3CertificateBuilder.tbsGen;
            Extensions generate = jcaX509v3CertificateBuilder.extGenerator.generate();
            v3TBSCertificateGenerator.extensions = generate;
            Extension extension = (Extension) generate.extensions.get(Extension.subjectAlternativeName);
            if (extension != null && extension.critical) {
                v3TBSCertificateGenerator.altNamePresentAndCritical = true;
            }
        }
        V3TBSCertificateGenerator v3TBSCertificateGenerator2 = jcaX509v3CertificateBuilder.tbsGen;
        if (v3TBSCertificateGenerator2.serialNumber == null || v3TBSCertificateGenerator2.signature == null || v3TBSCertificateGenerator2.issuer == null || v3TBSCertificateGenerator2.startDate == null || v3TBSCertificateGenerator2.endDate == null || ((v3TBSCertificateGenerator2.subject == null && !v3TBSCertificateGenerator2.altNamePresentAndCritical) || v3TBSCertificateGenerator2.subjectPublicKeyInfo == null)) {
            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
        }
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(v3TBSCertificateGenerator2.version);
        aSN1EncodableVector.add(v3TBSCertificateGenerator2.serialNumber);
        aSN1EncodableVector.add(v3TBSCertificateGenerator2.signature);
        aSN1EncodableVector.add(v3TBSCertificateGenerator2.issuer);
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        aSN1EncodableVector2.add(v3TBSCertificateGenerator2.startDate);
        aSN1EncodableVector2.add(v3TBSCertificateGenerator2.endDate);
        aSN1EncodableVector.add(new DERSequence(aSN1EncodableVector2));
        if (v3TBSCertificateGenerator2.subject != null) {
            aSN1EncodableVector.add(v3TBSCertificateGenerator2.subject);
        } else {
            aSN1EncodableVector.add(new DERSequence());
        }
        aSN1EncodableVector.add(v3TBSCertificateGenerator2.subjectPublicKeyInfo);
        if (v3TBSCertificateGenerator2.issuerUniqueID != null) {
            aSN1EncodableVector.add(new DERTaggedObject(false, 1, v3TBSCertificateGenerator2.issuerUniqueID));
        }
        if (v3TBSCertificateGenerator2.subjectUniqueID != null) {
            aSN1EncodableVector.add(new DERTaggedObject(false, 2, v3TBSCertificateGenerator2.subjectUniqueID));
        }
        if (v3TBSCertificateGenerator2.extensions != null) {
            aSN1EncodableVector.add(new DERTaggedObject(true, 3, v3TBSCertificateGenerator2.extensions));
        }
        X509CertificateHolder generateFullCert = CertUtils.generateFullCert(build, TBSCertificate.getInstance(new DERSequence(aSN1EncodableVector)));
        JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
        jcaX509CertificateConverter.helper = new NamedCertHelper(SECURITY_PROVIDER_NAME);
        X509Certificate certificate = jcaX509CertificateConverter.getCertificate(generateFullCert);
        certificate.checkValidity(new Date());
        certificate.verify(keyPair.getPublic());
        return certificate;
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x005a A[Catch: Exception -> 0x0045, TRY_LEAVE, TryCatch #2 {Exception -> 0x0045, blocks: (B:3:0x0001, B:6:0x0035, B:15:0x0041, B:13:0x0044, B:12:0x005a, B:18:0x0056), top: B:2:0x0001, inners: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:14:0x0041 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private byte[] generateDefaultAndroidDebugKeystore() {
        /*
            r12 = this;
            r6 = 0
            java.io.ByteArrayOutputStream r4 = new java.io.ByteArrayOutputStream     // Catch: java.lang.Exception -> L45
            r4.<init>()     // Catch: java.lang.Exception -> L45
            java.lang.String r5 = r12.sslSourceType     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            java.security.KeyStore r3 = java.security.KeyStore.getInstance(r5)     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            r5 = 0
            char[] r7 = com.amazon.cloud9.kids.webserver.WebServer.SSL_TRUST_KEY     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            r3.load(r5, r7)     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            java.security.KeyPair r2 = generateKeyPair()     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            java.security.cert.X509Certificate r0 = generateCertificate(r2)     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            java.lang.String r5 = "selfsigned"
            java.security.PrivateKey r7 = r2.getPrivate()     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            char[] r8 = com.amazon.cloud9.kids.webserver.WebServer.SSL_TRUST_KEY     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            r9 = 1
            java.security.cert.X509Certificate[] r9 = new java.security.cert.X509Certificate[r9]     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            r10 = 0
            r9[r10] = r0     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            r3.setKeyEntry(r5, r7, r8, r9)     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            char[] r5 = com.amazon.cloud9.kids.webserver.WebServer.SSL_TRUST_KEY     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            r3.store(r4, r5)     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            byte[] r5 = r4.toByteArray()     // Catch: java.lang.Throwable -> L39 java.lang.Throwable -> L5e
            r4.close()     // Catch: java.lang.Exception -> L45
            return r5
        L39:
            r5 = move-exception
            throw r5     // Catch: java.lang.Throwable -> L3b
        L3b:
            r6 = move-exception
            r11 = r6
            r6 = r5
            r5 = r11
        L3f:
            if (r6 == 0) goto L5a
            r4.close()     // Catch: java.lang.Exception -> L45 java.lang.Throwable -> L55
        L44:
            throw r5     // Catch: java.lang.Exception -> L45
        L45:
            r1 = move-exception
            java.lang.String r5 = "Cloud9KidsWebServer"
            java.lang.String r6 = "An error occurred while generating the keystore"
            android.util.Log.e(r5, r6, r1)
            java.lang.IllegalStateException r5 = new java.lang.IllegalStateException
            java.lang.String r6 = "Failed to generate default Android debug keystore."
            r5.<init>(r6)
            throw r5
        L55:
            r7 = move-exception
            r6.addSuppressed(r7)     // Catch: java.lang.Exception -> L45
            goto L44
        L5a:
            r4.close()     // Catch: java.lang.Exception -> L45
            goto L44
        L5e:
            r5 = move-exception
            goto L3f
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.cloud9.kids.webserver.WebServer.generateDefaultAndroidDebugKeystore():byte[]");
    }

    private static KeyPair generateKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_PAIR_GENERATOR_CRYPTO_SUITE);
        keyPairGenerator.initialize(SSL_DEFAULT_KEY_PAIR_SIZE);
        return keyPairGenerator.generateKeyPair();
    }

    public SSLSocketFactory getSSLSocketFactory() {
        if (this.ctx != null) {
            return this.ctx.getSocketFactory();
        }
        return null;
    }

    /* JADX WARN: Removed duplicated region for block: B:24:0x0094 A[Catch: Exception -> 0x0078, TRY_LEAVE, TryCatch #4 {Exception -> 0x0078, blocks: (B:11:0x000b, B:14:0x005a, B:27:0x0074, B:25:0x0077, B:24:0x0094, B:30:0x0090), top: B:10:0x000b, inners: #2 }] */
    /* JADX WARN: Removed duplicated region for block: B:26:0x0074 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void secureHttpChannel() throws java.io.IOException {
        /*
            r13 = this;
            r8 = 0
            byte[] r7 = r13.generatedAndroidKeystore
            if (r7 != 0) goto Lb
            byte[] r7 = r13.generateDefaultAndroidDebugKeystore()     // Catch: java.lang.Exception -> L5e
            r13.generatedAndroidKeystore = r7     // Catch: java.lang.Exception -> L5e
        Lb:
            java.io.ByteArrayInputStream r3 = new java.io.ByteArrayInputStream     // Catch: java.lang.Exception -> L78
            byte[] r7 = r13.generatedAndroidKeystore     // Catch: java.lang.Exception -> L78
            r3.<init>(r7)     // Catch: java.lang.Exception -> L78
            java.lang.String r7 = r13.sslSourceType     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            java.security.KeyStore r2 = java.security.KeyStore.getInstance(r7)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            char[] r7 = com.amazon.cloud9.kids.webserver.WebServer.SSL_TRUST_KEY     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r2.load(r3, r7)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            java.lang.String r7 = javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm()     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            javax.net.ssl.KeyManagerFactory r1 = javax.net.ssl.KeyManagerFactory.getInstance(r7)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            char[] r7 = com.amazon.cloud9.kids.webserver.WebServer.SSL_TRUST_KEY     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r1.init(r2, r7)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            java.lang.String r7 = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            javax.net.ssl.TrustManagerFactory r6 = javax.net.ssl.TrustManagerFactory.getInstance(r7)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r6.init(r2)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            java.lang.String r7 = "TLSv1.2"
            javax.net.ssl.SSLContext r7 = javax.net.ssl.SSLContext.getInstance(r7)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r13.ctx = r7     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            javax.net.ssl.SSLContext r7 = r13.ctx     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            javax.net.ssl.KeyManager[] r9 = r1.getKeyManagers()     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            javax.net.ssl.TrustManager[] r10 = r6.getTrustManagers()     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r11 = 0
            r7.init(r9, r10, r11)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            javax.net.ssl.SSLContext r7 = r13.ctx     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            javax.net.ssl.SSLServerSocketFactory r5 = r7.getServerSocketFactory()     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            org.nanohttpd.protocols.http.sockets.SecureServerSocketFactory r7 = new org.nanohttpd.protocols.http.sockets.SecureServerSocketFactory     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r9 = 0
            r7.<init>(r5, r9)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r13.setServerSocketFactory(r7)     // Catch: java.lang.Throwable -> L6c java.lang.Throwable -> L98
            r3.close()     // Catch: java.lang.Exception -> L78
            return
        L5e:
            r0 = move-exception
            java.lang.String r4 = "There was an error while generating a dynamic certificate, the channel cannot be secured"
            java.lang.String r7 = "Cloud9KidsWebServer"
            android.util.Log.e(r7, r4, r0)
            java.io.IOException r7 = new java.io.IOException
            r7.<init>(r4, r0)
            throw r7
        L6c:
            r7 = move-exception
            throw r7     // Catch: java.lang.Throwable -> L6e
        L6e:
            r8 = move-exception
            r12 = r8
            r8 = r7
            r7 = r12
        L72:
            if (r8 == 0) goto L94
            r3.close()     // Catch: java.lang.Exception -> L78 java.lang.Throwable -> L8f
        L77:
            throw r7     // Catch: java.lang.Exception -> L78
        L78:
            r0 = move-exception
            java.lang.String r4 = "An error occurred while securing channel, Server couldn't be secured"
            java.lang.String r7 = "Cloud9KidsWebServer"
            android.util.Log.e(r7, r4, r0)
            com.amazon.awsauth.MetricHelperFactory r7 = r13.metricHelperFactory
            java.lang.String r8 = "HtmlAppActivity"
            java.lang.String r9 = "SSLConnectionFailed"
            r7.createMetricAndClose(r8, r9)
            java.io.IOException r7 = new java.io.IOException
            r7.<init>(r4, r0)
            throw r7
        L8f:
            r9 = move-exception
            r8.addSuppressed(r9)     // Catch: java.lang.Exception -> L78
            goto L77
        L94:
            r3.close()     // Catch: java.lang.Exception -> L78
            goto L77
        L98:
            r7 = move-exception
            goto L72
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.cloud9.kids.webserver.WebServer.secureHttpChannel():void");
    }

    @Override // org.nanohttpd.protocols.http.NanoHTTPD
    public void start() throws IOException {
        super.start(SSL_SERVER_TIMEOUT);
    }
}
