package dev.skomlach.biometric.compat.crypto;

import a.Zz.lfXiuYN;
import android.content.Context;
import android.content.SharedPreferences;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import c5.c;
import com.tencent.soter.core.keystore.KeyPropertiesCompact;
import dev.skomlach.biometric.compat.crypto.rsa.RsaKeyHeader;
import dev.skomlach.biometric.compat.crypto.rsa.RsaPrivateKey;
import dev.skomlach.biometric.compat.crypto.rsa.RsaPublicKey;
import dev.skomlach.biometric.compat.utils.logging.BiometricLoggerImpl;
import i5.a;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.List;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;
import k7.l;
import k8.MxK.xbdbk;

/* loaded from: classes.dex */
public final class CryptographyManagerInterfaceKitkatImpl implements CryptographyManagerInterface {
    private final Context context = c.f4159a.j();

    private final String getANDROID_KEYSTORE_PROVIDER_TYPE() {
        return "AndroidKeyStore";
    }

    private final AlgorithmParameterSpec getAlgorithmParameterSpec(String str) {
        X500Principal x500Principal = new X500Principal("CN=" + str);
        BigInteger valueOf = BigInteger.valueOf(1337L);
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 1000);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(str).setKeySize(RsaKeyHeader.KEY_SIZE).setSubject(x500Principal).setSerialNumber(valueOf).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        l.e(build, "Builder(context)\n       …ate)\n            .build()");
        return build;
    }

    private final Cipher getCipher() {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        l.e(cipher, "getInstance(\"RSA/ECB/PKCS1Padding\")");
        return cipher;
    }

    private final String getKEYSTORE_FALLBACK_NAME() {
        return "biometric_keystore_fallback";
    }

    private final KeyPair getKeyPairFromFallback(String str) {
        try {
            SharedPreferences a10 = a.f8691a.a(getKEYSTORE_FALLBACK_NAME() + "-" + str);
            if (a10.contains(getPRIVATE_KEY_NAME()) && a10.contains(getPUBLIC_KEY_NAME())) {
                byte[] decode = Base64.decode(a10.getString(getPRIVATE_KEY_NAME(), null), 0);
                byte[] decode2 = Base64.decode(a10.getString(getPUBLIC_KEY_NAME(), null), 0);
                RsaPrivateKey.Companion companion = RsaPrivateKey.Companion;
                l.e(decode, lfXiuYN.XKg);
                RsaPrivateKey fromByteArray = companion.fromByteArray(decode, 8);
                RsaPublicKey.Companion companion2 = RsaPublicKey.Companion;
                l.e(decode2, "publicKeyBytes");
                return new KeyPair(companion2.fromByteArray(decode2, 8).toRsaKey(), fromByteArray.toRsaKey());
            }
        } catch (Throwable unused) {
        }
        return null;
    }

    private final void getOrCreateSecretKey(String str) {
        if (keyExist(str)) {
            return;
        }
        Locale locale = Locale.getDefault();
        try {
            try {
                setFakeEnglishLocale();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(getTYPE_RSA(), getANDROID_KEYSTORE_PROVIDER_TYPE());
                keyPairGenerator.initialize(getAlgorithmParameterSpec(str));
                keyPairGenerator.generateKeyPair();
            } catch (IllegalStateException unused) {
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(getTYPE_RSA());
                keyPairGenerator2.initialize(RsaKeyHeader.KEY_SIZE);
                KeyPair generateKeyPair = keyPairGenerator2.generateKeyPair();
                l.e(generateKeyPair, "keyPair.generateKeyPair()");
                storeKeyPairInFallback(str, generateKeyPair);
            } catch (Exception e10) {
                throw e10;
            }
        } finally {
            l.e(locale, "localeBeforeFakingEnglishLocale");
            setLocale(locale);
        }
    }

    private final String getPRIVATE_KEY_NAME() {
        return "privateKey";
    }

    private final String getPUBLIC_KEY_NAME() {
        return "publicKey";
    }

    private final List<PrivateKey> getPrivateKeys(String str) {
        ArrayList arrayList = new ArrayList();
        Locale locale = Locale.getDefault();
        try {
            setFakeEnglishLocale();
            KeyStore keyStore = KeyStore.getInstance(getANDROID_KEYSTORE_PROVIDER_TYPE());
            keyStore.load(null);
            arrayList.add((PrivateKey) keyStore.getKey(str, null));
        } catch (Throwable unused) {
        }
        l.e(locale, "localeBeforeFakingEnglishLocale");
        setLocale(locale);
        KeyPair keyPairFromFallback = getKeyPairFromFallback(str);
        if (keyPairFromFallback != null) {
            arrayList.add(keyPairFromFallback.getPrivate());
        }
        return arrayList;
    }

    private final List<PublicKey> getPublicKeys(String str) {
        ArrayList arrayList = new ArrayList();
        Locale locale = Locale.getDefault();
        try {
            setFakeEnglishLocale();
            KeyStore keyStore = KeyStore.getInstance(getANDROID_KEYSTORE_PROVIDER_TYPE());
            keyStore.load(null);
            Certificate certificate = keyStore.getCertificate(str);
            arrayList.add(certificate != null ? certificate.getPublicKey() : null);
        } catch (Throwable unused) {
        }
        l.e(locale, "localeBeforeFakingEnglishLocale");
        setLocale(locale);
        KeyPair keyPairFromFallback = getKeyPairFromFallback(str);
        if (keyPairFromFallback != null) {
            arrayList.add(keyPairFromFallback.getPublic());
        }
        return arrayList;
    }

    private final String getTYPE_RSA() {
        return KeyPropertiesCompact.KEY_ALGORITHM_RSA;
    }

    private final boolean keyExist(String str) {
        boolean z10;
        boolean keyPairInFallback = keyPairInFallback(str);
        try {
            KeyStore keyStore = KeyStore.getInstance(getANDROID_KEYSTORE_PROVIDER_TYPE());
            keyStore.load(null);
            if (!keyPairInFallback) {
                if (!keyStore.containsAlias(str)) {
                    z10 = false;
                    return z10;
                }
            }
            z10 = true;
            return z10;
        } catch (Throwable unused) {
            return keyPairInFallback;
        }
    }

    private final boolean keyPairInFallback(String str) {
        try {
            SharedPreferences a10 = a.f8691a.a(getKEYSTORE_FALLBACK_NAME() + "-" + str);
            if (a10.contains(getPRIVATE_KEY_NAME())) {
                return a10.contains(getPUBLIC_KEY_NAME());
            }
            return false;
        } catch (Throwable unused) {
            return false;
        }
    }

    private final void setFakeEnglishLocale() {
        Locale locale = Locale.US;
        l.e(locale, xbdbk.UIQnTGV);
        setLocale(locale);
    }

    private final void setLocale(Locale locale) {
        Locale.setDefault(locale);
        Resources resources = this.context.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }

    private final void storeKeyPairInFallback(String str, KeyPair keyPair) {
        try {
            RsaPrivateKey.Companion companion = RsaPrivateKey.Companion;
            PrivateKey privateKey = keyPair.getPrivate();
            l.d(privateKey, "null cannot be cast to non-null type java.security.interfaces.RSAPrivateCrtKey");
            RsaPrivateKey fromRsaKey = companion.fromRsaKey((RSAPrivateCrtKey) privateKey);
            RsaPublicKey.Companion companion2 = RsaPublicKey.Companion;
            PublicKey publicKey = keyPair.getPublic();
            l.d(publicKey, "null cannot be cast to non-null type java.security.interfaces.RSAPublicKey");
            RsaPublicKey fromRsaKey2 = companion2.fromRsaKey((RSAPublicKey) publicKey);
            a.f8691a.a(getKEYSTORE_FALLBACK_NAME() + "-" + str).edit().putString(getPRIVATE_KEY_NAME(), Base64.encodeToString(fromRsaKey.toByteArray(8), 0)).putString(getPUBLIC_KEY_NAME(), Base64.encodeToString(fromRsaKey2.toByteArray(8), 0)).apply();
        } catch (Throwable unused) {
        }
    }

    @Override // dev.skomlach.biometric.compat.crypto.CryptographyManagerInterface
    public void deleteKey(String str) {
        l.f(str, "keyName");
        KeyStore keyStore = KeyStore.getInstance(getANDROID_KEYSTORE_PROVIDER_TYPE());
        keyStore.load(null);
        keyStore.deleteEntry("CryptographyManagerInterfaceKitkatImpl." + str);
        a.f8691a.a(getKEYSTORE_FALLBACK_NAME() + "-" + str).edit().clear().apply();
    }

    @Override // dev.skomlach.biometric.compat.crypto.CryptographyManagerInterface
    public Cipher getInitializedCipherForDecryption(String str, boolean z10, byte[] bArr) {
        l.f(str, "keyName");
        try {
            Cipher cipher = getCipher();
            getOrCreateSecretKey("CryptographyManagerInterfaceKitkatImpl." + str);
            for (PrivateKey privateKey : getPrivateKeys("CryptographyManagerInterfaceKitkatImpl." + str)) {
                if (privateKey != null) {
                    try {
                        cipher.init(2, privateKey);
                    } catch (Exception unused) {
                    }
                }
            }
            return cipher;
        } catch (Throwable th) {
            BiometricLoggerImpl.INSTANCE.e(th, "KeyName=CryptographyManagerInterfaceKitkatImpl." + str + "; isUserAuthRequired=" + z10);
            throw th;
        }
    }

    @Override // dev.skomlach.biometric.compat.crypto.CryptographyManagerInterface
    public Cipher getInitializedCipherForEncryption(String str, boolean z10) {
        l.f(str, "keyName");
        try {
            Cipher cipher = getCipher();
            getOrCreateSecretKey("CryptographyManagerInterfaceKitkatImpl." + str);
            for (PublicKey publicKey : getPublicKeys("CryptographyManagerInterfaceKitkatImpl." + str)) {
                if (publicKey != null) {
                    try {
                        cipher.init(1, KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded())));
                        return cipher;
                    } catch (Exception unused) {
                        continue;
                    }
                }
            }
            throw new IllegalStateException("Cipher initialization error");
        } catch (Throwable th) {
            BiometricLoggerImpl.INSTANCE.e(th, "KeyName=CryptographyManagerInterfaceKitkatImpl." + str + "; isUserAuthRequired=" + z10);
            throw th;
        }
    }
}
