package ag;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import de.adorsys.android.securestorage.CryptoException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;
import q1.k;
import q1.l;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class i {
    i() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String a(Context context, String str) {
        String str2;
        try {
            int i10 = Build.VERSION.SDK_INT;
            if (i10 < 23) {
                str2 = "AndroidOpenSSL";
            } else {
                if (i10 < 23) {
                    Log.e(i.class.getName(), context.getString(a.f681c));
                    throw new CryptoException(context.getString(a.f681c), null);
                }
                str2 = "AndroidKeyStoreBCWorkaround";
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", str2);
            cipher.init(1, g(context));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes("UTF-8"));
            cipherOutputStream.close();
            return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e10) {
            throw new CryptoException(e10.getMessage(), e10);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void b(Context context) {
        if (c()) {
            return;
        }
        int i10 = Build.VERSION.SDK_INT;
        if (i10 >= 23) {
            e();
        } else if (i10 < 23) {
            i(context);
        } else {
            Log.e(i.class.getName(), context.getString(a.f681c));
            throw new CryptoException(context.getString(a.f681c), null);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean c() {
        try {
            return f().getKey("adorsysKeyPair", null) != null;
        } catch (Exception unused) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String d(Context context, String str) {
        String str2;
        try {
            int i10 = Build.VERSION.SDK_INT;
            if (i10 < 23) {
                str2 = "AndroidOpenSSL";
            } else {
                if (i10 < 23) {
                    Log.e(i.class.getName(), context.getString(a.f681c));
                    throw new CryptoException(context.getString(a.f681c), null);
                }
                str2 = "AndroidKeyStoreBCWorkaround";
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", str2);
            cipher.init(2, h(context));
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i11 = 0; i11 < size; i11++) {
                bArr[i11] = ((Byte) arrayList.get(i11)).byteValue();
            }
            return new String(bArr, 0, size, "UTF-8");
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e10) {
            throw new CryptoException(e10.getMessage(), e10);
        }
    }

    private static void e() {
        KeyGenParameterSpec.Builder keySize;
        KeyGenParameterSpec.Builder keyValidityStart;
        KeyGenParameterSpec.Builder keyValidityEnd;
        KeyGenParameterSpec.Builder userAuthenticationRequired;
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder certificateSerialNumber;
        KeyGenParameterSpec.Builder certificateSubject;
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder signaturePaddings;
        KeyGenParameterSpec build;
        try {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 99);
            l.a();
            keySize = k.a("adorsysKeyPair", 2).setKeySize(1024);
            keyValidityStart = keySize.setKeyValidityStart(calendar.getTime());
            keyValidityEnd = keyValidityStart.setKeyValidityEnd(calendar2.getTime());
            userAuthenticationRequired = keyValidityEnd.setUserAuthenticationRequired(false);
            blockModes = userAuthenticationRequired.setBlockModes("ECB");
            certificateSerialNumber = blockModes.setCertificateSerialNumber(BigInteger.TEN);
            certificateSubject = certificateSerialNumber.setCertificateSubject(new X500Principal("CN=SecureDeviceStorage, O=Adorsys, C=Germany"));
            digests = certificateSubject.setDigests("SHA-256", "SHA-512");
            encryptionPaddings = digests.setEncryptionPaddings("PKCS1Padding");
            signaturePaddings = encryptionPaddings.setSignaturePaddings("PKCS1");
            build = signaturePaddings.build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e10) {
            throw new CryptoException(e10.getMessage(), e10);
        }
    }

    private static KeyStore f() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            throw new CryptoException(e10.getMessage(), e10);
        }
    }

    private static PublicKey g(Context context) {
        try {
            if (c()) {
                return ((KeyStore.PrivateKeyEntry) f().getEntry("adorsysKeyPair", null)).getCertificate().getPublicKey();
            }
            throw new CryptoException(context.getString(a.f679a), null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e10) {
            throw new CryptoException(e10.getMessage(), e10);
        }
    }

    private static PrivateKey h(Context context) {
        try {
            if (c()) {
                return ((KeyStore.PrivateKeyEntry) f().getEntry("adorsysKeyPair", null)).getPrivateKey();
            }
            throw new CryptoException(context.getString(a.f679a), null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e10) {
            throw new CryptoException(e10.getMessage(), e10);
        }
    }

    private static void i(Context context) {
        try {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 99);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("adorsysKeyPair").setSubject(new X500Principal("CN=SecureDeviceStorage, O=Adorsys, C=Germany")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e10) {
            throw new CryptoException(e10.getMessage(), e10);
        }
    }
}
