package com.intuit.identity.exptplatform.util;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Log;
import ch.qos.logback.core.joran.action.Action;
import com.intuit.identity.exptplatform.util.Base64Wrapper;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Enumeration;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

/* compiled from: KeyStoreHelper.kt */
@Metadata(d1 = {"\u0000:\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0002\b\n\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\u0018\u0000 !2\u00020\u0001:\u0001!B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u000e\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u0007J\u0016\u0010\u0013\u001a\u00020\u00072\u0006\u0010\u0012\u001a\u00020\u00072\u0006\u0010\u0014\u001a\u00020\u0007J\u0018\u0010\u0015\u001a\u00020\u00072\u0006\u0010\u0012\u001a\u00020\u00072\u0006\u0010\u0016\u001a\u00020\u0007H\u0002J\u000e\u0010\u0017\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u0007J\u0016\u0010\u0018\u001a\u00020\u00072\u0006\u0010\u0012\u001a\u00020\u00072\u0006\u0010\u0014\u001a\u00020\u0007J\u0018\u0010\u0019\u001a\u00020\u00072\u0006\u0010\u0012\u001a\u00020\u00072\u0006\u0010\u001a\u001a\u00020\u0007H\u0002J\u0010\u0010\u001b\u001a\u00020\u001c2\u0006\u0010\u0012\u001a\u00020\u0007H\u0002J\u0012\u0010\u001d\u001a\u0004\u0018\u00010\u001e2\u0006\u0010\u0012\u001a\u00020\u0007H\u0002J\u0018\u0010\u001f\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00072\u0006\u0010 \u001a\u00020\u0007H\u0002R \u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00070\u0006X\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\b\u0010\t\"\u0004\b\n\u0010\u000bR\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\f\u0010\rR\u000e\u0010\u000e\u001a\u00020\u000fX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\""}, d2 = {"Lcom/intuit/identity/exptplatform/util/KeyStoreHelper;", "", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", "aliases", "Ljava/util/Enumeration;", "", "getAliases", "()Ljava/util/Enumeration;", "setAliases", "(Ljava/util/Enumeration;)V", "getContext", "()Landroid/content/Context;", "keyStore", "Ljava/security/KeyStore;", "createNewKeys", "", "alias", "decryptLargeString", "data", "decryptString", "encrypted", "deleteKey", "encryptLargeString", "encryptString", "toEncrypt", "getEncryptedKey", "Ljavax/crypto/SecretKey;", "getPrivateKey", "Ljava/security/KeyStore$PrivateKeyEntry;", "saveEncryptedKey", Action.KEY_ATTRIBUTE, "Companion", "ixp-android-sdk_release"}, k = 1, mv = {1, 5, 1}, xi = 48)
/* loaded from: classes7.dex */
public final class KeyStoreHelper {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    private static String keyStoreProvider = "AndroidKeyStore";
    private Enumeration<String> aliases;
    private final Context context;
    private final KeyStore keyStore;

    /* compiled from: KeyStoreHelper.kt */
    @Metadata(d1 = {"\u0000\u0014\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0005\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u001a\u0010\u0003\u001a\u00020\u0004X\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0005\u0010\u0006\"\u0004\b\u0007\u0010\b¨\u0006\t"}, d2 = {"Lcom/intuit/identity/exptplatform/util/KeyStoreHelper$Companion;", "", "()V", "keyStoreProvider", "", "getKeyStoreProvider", "()Ljava/lang/String;", "setKeyStoreProvider", "(Ljava/lang/String;)V", "ixp-android-sdk_release"}, k = 1, mv = {1, 5, 1}, xi = 48)
    /* loaded from: classes7.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final String getKeyStoreProvider() {
            return KeyStoreHelper.keyStoreProvider;
        }

        public final void setKeyStoreProvider(String str) {
            Intrinsics.checkNotNullParameter(str, "<set-?>");
            KeyStoreHelper.keyStoreProvider = str;
        }
    }

    public KeyStoreHelper(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.context = context;
        KeyStore keyStore = KeyStore.getInstance(keyStoreProvider);
        keyStore.load(null);
        Unit unit = Unit.INSTANCE;
        Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(keyStoreProv…     load(null)\n        }");
        this.keyStore = keyStore;
        Enumeration<String> aliases = keyStore.aliases();
        Intrinsics.checkNotNullExpressionValue(aliases, "keyStore.aliases()");
        this.aliases = aliases;
    }

    private final String decryptString(String alias, String encrypted) {
        try {
            KeyStore.PrivateKeyEntry privateKey = getPrivateKey(alias);
            if (privateKey == null) {
                return encrypted;
            }
            PrivateKey privateKey2 = privateKey.getPrivateKey();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKey2);
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64Wrapper.INSTANCE.decode(encrypted)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            int i = size - 1;
            if (i >= 0) {
                int i2 = 0;
                while (true) {
                    int i3 = i2 + 1;
                    Object obj = arrayList.get(i2);
                    Intrinsics.checkNotNullExpressionValue(obj, "values[i]");
                    bArr[i2] = ((Number) obj).byteValue();
                    if (i3 > i) {
                        break;
                    }
                    i2 = i3;
                }
            }
            return new String(bArr, 0, size, Charsets.UTF_8);
        } catch (Exception e) {
            e.printStackTrace();
            return encrypted;
        }
    }

    private final String encryptString(String alias, String toEncrypt) {
        try {
            KeyStore.PrivateKeyEntry privateKey = getPrivateKey(alias);
            if (privateKey == null) {
                return toEncrypt;
            }
            PublicKey publicKey = privateKey.getCertificate().getPublicKey();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, publicKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            Charset charset = Charsets.UTF_8;
            if (toEncrypt == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = toEncrypt.getBytes(charset);
            Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
            cipherOutputStream.write(bytes);
            cipherOutputStream.close();
            byte[] vals = byteArrayOutputStream.toByteArray();
            Base64Wrapper.Companion companion = Base64Wrapper.INSTANCE;
            Intrinsics.checkNotNullExpressionValue(vals, "vals");
            return companion.encodeToString(vals);
        } catch (Exception e) {
            e.printStackTrace();
            return toEncrypt;
        }
    }

    private final SecretKey getEncryptedKey(String alias) {
        String string = this.context.getSharedPreferences("IXPSharedPreferences", 0).getString(alias, null);
        if (string != null) {
            return new SecretKeySpec(Base64Wrapper.INSTANCE.decode(decryptString(alias, string)), "AES");
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey newKey = keyGenerator.generateKey();
        Base64Wrapper.Companion companion = Base64Wrapper.INSTANCE;
        byte[] encoded = newKey.getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded, "newKey.encoded");
        saveEncryptedKey(alias, companion.encodeToString(encoded));
        Intrinsics.checkNotNullExpressionValue(newKey, "newKey");
        return newKey;
    }

    private final KeyStore.PrivateKeyEntry getPrivateKey(String alias) {
        KeyStore.Entry entry = this.keyStore.getEntry(alias, null);
        if (entry == null) {
            Log.i("ContentValues", Intrinsics.stringPlus("No key found under alias: ", alias));
            Log.i("ContentValues", "Generating new key...");
            try {
                createNewKeys(alias);
                entry = this.keyStore.getEntry(alias, null);
                if (entry == null) {
                    Log.v("ContentValues", "Generating new key failed...");
                    return null;
                }
            } catch (InvalidAlgorithmParameterException e) {
                Log.v("ContentValues", "Generating new key failed...");
                e.printStackTrace();
                return null;
            } catch (NoSuchProviderException e2) {
                Log.v("ContentValues", "Generating new key failed...");
                e2.printStackTrace();
                return null;
            }
        }
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            return (KeyStore.PrivateKeyEntry) entry;
        }
        Log.v("ContentValues", "Not an instance of a PrivateKeyEntry");
        Log.v("ContentValues", "Exiting signData()...");
        return null;
    }

    private final void saveEncryptedKey(String alias, String key) {
        SharedPreferences.Editor edit = this.context.getSharedPreferences("IXPSharedPreferences", 0).edit();
        edit.putString(alias, encryptString(alias, key));
        edit.commit();
    }

    public final void createNewKeys(String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            if (!this.keyStore.containsAlias(alias)) {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 1);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(alias).setSubject(new X500Principal("CN=IXP, O=Android Authority")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                Intrinsics.checkNotNullExpressionValue(build, "Builder(context)\n       …                 .build()");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", keyStoreProvider);
                Intrinsics.checkNotNullExpressionValue(keyPairGenerator, "getInstance(\"RSA\", keyStoreProvider)");
                keyPairGenerator.initialize(build);
                Intrinsics.checkNotNullExpressionValue(keyPairGenerator.generateKeyPair(), "generator.generateKeyPair()");
            }
        } catch (Exception e) {
            System.out.print((Object) e.getLocalizedMessage());
        }
        Enumeration<String> aliases = this.keyStore.aliases();
        Intrinsics.checkNotNullExpressionValue(aliases, "keyStore.aliases()");
        this.aliases = aliases;
    }

    public final String decryptLargeString(String alias, String data) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(data, "data");
        SecretKey encryptedKey = getEncryptedKey(alias);
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(2, encryptedKey);
        byte[] byteCipherText = cipher.doFinal(Base64Wrapper.INSTANCE.decode(data));
        Intrinsics.checkNotNullExpressionValue(byteCipherText, "byteCipherText");
        return new String(byteCipherText, Charsets.UTF_8);
    }

    public final void deleteKey(String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            this.keyStore.deleteEntry(alias);
        } catch (KeyStoreException e) {
            System.out.print((Object) e.getLocalizedMessage());
        }
        Enumeration<String> aliases = this.keyStore.aliases();
        Intrinsics.checkNotNullExpressionValue(aliases, "keyStore.aliases()");
        this.aliases = aliases;
    }

    public final String encryptLargeString(String alias, String data) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(data, "data");
        SecretKey encryptedKey = getEncryptedKey(alias);
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(1, encryptedKey);
        byte[] bytes = data.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] byteCipherText = cipher.doFinal(bytes);
        Base64Wrapper.Companion companion = Base64Wrapper.INSTANCE;
        Intrinsics.checkNotNullExpressionValue(byteCipherText, "byteCipherText");
        return companion.encodeToString(byteCipherText);
    }

    public final Enumeration<String> getAliases() {
        return this.aliases;
    }

    public final Context getContext() {
        return this.context;
    }

    public final void setAliases(Enumeration<String> enumeration) {
        Intrinsics.checkNotNullParameter(enumeration, "<set-?>");
        this.aliases = enumeration;
    }
}
