package com.nimses.blockchainkit.utils.securestorage;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.google.android.exoplayer2.text.ttml.TtmlNode;
import com.nimses.blockchainkit.utils.securestorage.SecureStorageException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;
import kotlin.TypeCastException;
import kotlin.a0.d.l;

/* compiled from: KeystoreTool.kt */
/* loaded from: classes4.dex */
public final class a {
    public static final a b = new a();
    private static final Charset a = Charset.forName("UTF-8");

    private a() {
    }

    private final KeyStore b() throws SecureStorageException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            l.a((Object) keyStore, "keyStore");
            return keyStore;
        } catch (Exception e2) {
            throw new SecureStorageException(e2.getMessage(), e2, SecureStorageException.a.KEYSTORE_EXCEPTION);
        }
    }

    private final void b(Context context) throws SecureStorageException {
        try {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 99);
            KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias("adorsysKeyPair").setSubject(new X500Principal("CN=SecureDeviceStorage, O=Nimses, C=Ukraine")).setSerialNumber(BigInteger.TEN);
            l.a((Object) calendar, "start");
            KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
            l.a((Object) calendar2, TtmlNode.END);
            KeyPairGeneratorSpec build = startDate.setEndDate(calendar2.getTime()).build();
            l.a((Object) build, "KeyPairGeneratorSpec.Bui….time)\n          .build()");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            throw new SecureStorageException(e2.getMessage(), e2, SecureStorageException.a.KEYSTORE_EXCEPTION);
        }
    }

    private final PrivateKey c() throws SecureStorageException {
        try {
            if (!a()) {
                throw new SecureStorageException("KeyPair does not exist in Keystore", null, SecureStorageException.a.INTERNAL_LIBRARY_EXCEPTION);
            }
            if (Build.VERSION.SDK_INT >= 28) {
                Key key = b().getKey("adorsysKeyPair", null);
                if (key != null) {
                    return (PrivateKey) key;
                }
                throw new TypeCastException("null cannot be cast to non-null type java.security.PrivateKey");
            }
            KeyStore.Entry entry = b().getEntry("adorsysKeyPair", null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                entry = null;
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            if (privateKeyEntry == null) {
                com.nimses.blockchainkit.c.a.a(com.nimses.blockchainkit.c.a.a, null, "Not an instance of a PrivateKeyEntry", 1, null);
            }
            if (privateKeyEntry != null) {
                return privateKeyEntry.getPrivateKey();
            }
            return null;
        } catch (Exception e2) {
            throw new SecureStorageException(e2.getMessage(), e2, SecureStorageException.a.KEYSTORE_EXCEPTION);
        }
    }

    private final PublicKey d() throws SecureStorageException {
        Certificate certificate;
        try {
            if (!a()) {
                throw new SecureStorageException("KeyPair does not exist in Keystore", null, SecureStorageException.a.INTERNAL_LIBRARY_EXCEPTION);
            }
            if (Build.VERSION.SDK_INT >= 28) {
                Certificate certificate2 = b().getCertificate("adorsysKeyPair");
                l.a((Object) certificate2, "keyStoreInstance.getCertificate(KEY_ALIAS)");
                return certificate2.getPublicKey();
            }
            KeyStore.Entry entry = b().getEntry("adorsysKeyPair", null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                entry = null;
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            if (privateKeyEntry == null) {
                com.nimses.blockchainkit.c.a.a(com.nimses.blockchainkit.c.a.a, null, "Not an instance of a PrivateKeyEntry", 1, null);
            }
            if (privateKeyEntry == null || (certificate = privateKeyEntry.getCertificate()) == null) {
                return null;
            }
            return certificate.getPublicKey();
        } catch (Exception e2) {
            throw new SecureStorageException(e2.getMessage(), e2, SecureStorageException.a.KEYSTORE_EXCEPTION);
        }
    }

    public final String a(String str) throws SecureStorageException {
        Cipher cipher;
        l.b(str, "encryptedMessage");
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
                l.a((Object) cipher, "Cipher.getInstance(\n    …HER_MARSHMALLOW_PROVIDER)");
            } else {
                cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
                l.a((Object) cipher, "Cipher.getInstance(\n    …IPHER_JELLYBEAN_PROVIDER)");
            }
            cipher.init(2, c());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i2 = 0; i2 < size; i2++) {
                Object obj = arrayList.get(i2);
                l.a(obj, "values[i]");
                bArr[i2] = ((Number) obj).byteValue();
            }
            Charset charset = a;
            l.a((Object) charset, "KEY_CHARSET");
            return new String(bArr, 0, size, charset);
        } catch (Exception e2) {
            throw new SecureStorageException(e2.getMessage(), e2, SecureStorageException.a.CRYPTO_EXCEPTION);
        }
    }

    public final void a(Context context) throws SecureStorageException {
        l.b(context, "context");
        if (a()) {
            return;
        }
        b(context);
    }

    public final boolean a() throws SecureStorageException {
        try {
            return b().getKey("adorsysKeyPair", null) != null;
        } catch (Exception e2) {
            throw new SecureStorageException(e2.getMessage(), e2, SecureStorageException.a.KEYSTORE_EXCEPTION);
        }
    }

    public final String b(String str) throws SecureStorageException {
        Cipher cipher;
        l.b(str, "plainMessage");
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
                l.a((Object) cipher, "Cipher.getInstance(\n    …HER_MARSHMALLOW_PROVIDER)");
            } else {
                cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
                l.a((Object) cipher, "Cipher.getInstance(\n    …IPHER_JELLYBEAN_PROVIDER)");
            }
            cipher.init(1, d());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            Charset charset = a;
            l.a((Object) charset, "KEY_CHARSET");
            byte[] bytes = str.getBytes(charset);
            l.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
            cipherOutputStream.write(bytes);
            cipherOutputStream.close();
            return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
        } catch (Exception e2) {
            throw new SecureStorageException(e2.getMessage(), e2, SecureStorageException.a.KEYSTORE_EXCEPTION);
        }
    }
}
