package de.adorsys.android.securestoragelibrary;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import de.adorsys.android.securestoragelibrary.SecureStorageException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
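/**
 * Static helper that keeps one RSA key pair in the Android keystore under a fixed alias and
 * uses it to encrypt and decrypt short strings.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The transformation is {@code RSA/ECB/PKCS1Padding}, i.e. PKCS#1 v1.5 encryption padding.
 *       It provides no integrity protection, and OAEP is the generally preferred RSA encryption
 *       padding. Switching is not a drop-in change: on API 23+ the key is authorised for
 *       {@code PKCS1Padding} only, and previously stored ciphertexts would need migrating.</li>
 *   <li>Values are encrypted directly with RSA, so the plaintext length is bounded by the key
 *       size (modulus length minus 11 bytes for PKCS#1 v1.5). No key size is set here, so the
 *       provider default applies.</li>
 *   <li>Neither key-generation path requests user authentication or lock-screen-bound
 *       encryption of the key, so the key is usable whenever the app process runs.</li>
 * </ul>
 */
final class KeystoreTool {
    private static final String KEY_ALIAS = "adorsysKeyPair";
    private static final String KEY_CHARSET = "UTF-8";
    private static final String KEY_CIPHER_JELLYBEAN_PROVIDER = "AndroidOpenSSL";
    private static final String KEY_CIPHER_MARSHMALLOW_PROVIDER = "AndroidKeyStoreBCWorkaround";
    private static final String KEY_ENCRYPTION_ALGORITHM = "RSA";
    private static final String KEY_KEYSTORE_NAME = "AndroidKeyStore";
    private static final String KEY_TRANSFORMATION_ALGORITHM = "RSA/ECB/PKCS1Padding";
    private static final String KEY_X500PRINCIPAL = "CN=SecureDeviceStorage, O=Adorsys, C=Germany";

    // Equals KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT; kept as a literal
    // because KeyProperties is not imported by this file.
    private static final int KEY_PURPOSES = 3;

    // Validity, in years, of the self-signed certificate generated below API 23.
    private static final int CERTIFICATE_VALIDITY_YEARS = 99;

    private KeystoreTool() {
    }

    /**
     * Decrypts a Base64 string produced by {@link #encryptMessage(Context, String)}.
     *
     * @param context used to resolve the error message when no key pair exists
     * @param str Base64 (default flags) encoded RSA ciphertext
     * @return the plaintext decoded as UTF-8
     * @throws SecureStorageException with {@code CRYPTO_EXCEPTION} for every failure, including
     *     a missing key pair or malformed input; the original error is kept as the cause
     */
    public static String decryptMessage(Context context, String str) throws SecureStorageException {
        try {
            Cipher cipher = newCipher();
            cipher.init(Cipher.DECRYPT_MODE, getPrivateKey(context));
            ByteArrayOutputStream plain = new ByteArrayOutputStream();
            // try-with-resources closes the cipher stream on the failure path as well.
            try (CipherInputStream in = new CipherInputStream(
                    new ByteArrayInputStream(Base64.decode(str, Base64.DEFAULT)), cipher)) {
                byte[] chunk = new byte[256];
                int count;
                while ((count = in.read(chunk)) != -1) {
                    plain.write(chunk, 0, count);
                }
            }
            // NOTE(review): a successful return does not prove the ciphertext was written by
            // this app; PKCS#1 v1.5 encryption carries no authentication.
            return plain.toString(KEY_CHARSET);
        } catch (Exception e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.CRYPTO_EXCEPTION);
        }
    }

    /**
     * Deletes the key pair stored under the library alias, if one exists. Values encrypted with
     * it can no longer be decrypted afterwards.
     *
     * @param context unused; kept so existing callers keep compiling
     * @throws SecureStorageException with {@code KEYSTORE_EXCEPTION} if the keystore cannot be
     *     queried or the entry cannot be removed
     */
    public static void deleteKeyPair(Context context) throws SecureStorageException {
        if (keyPairExists()) {
            try {
                getKeyStoreInstance().deleteEntry(KEY_ALIAS);
            } catch (KeyStoreException e) {
                throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
            }
        }
    }

    /**
     * Encrypts a string with the stored public key.
     *
     * @param context used to resolve the error message when no key pair exists
     * @param str plaintext; it is encoded as UTF-8 and must fit into a single RSA block
     * @return the ciphertext as Base64 (default flags)
     * @throws SecureStorageException with {@code KEYSTORE_EXCEPTION} for every failure; note
     *     that cipher errors are also reported under this type here, whereas
     *     {@link #decryptMessage(Context, String)} uses {@code CRYPTO_EXCEPTION}
     */
    public static String encryptMessage(Context context, String str) throws SecureStorageException {
        try {
            Cipher cipher = newCipher();
            cipher.init(Cipher.ENCRYPT_MODE, getPublicKey(context));
            ByteArrayOutputStream encrypted = new ByteArrayOutputStream();
            // Closing the cipher stream finalises the RSA operation, so the bytes are only
            // read from the sink after the try block has completed.
            try (CipherOutputStream out = new CipherOutputStream(encrypted, cipher)) {
                out.write(str.getBytes(KEY_CHARSET));
            }
            return Base64.encodeToString(encrypted.toByteArray(), Base64.DEFAULT);
        } catch (Exception e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
        }
    }

    /**
     * Generates the RSA key pair unless one already exists under the library alias.
     *
     * @param context used for the locale check and, below API 23, for the key generator spec
     * @throws SecureStorageException with {@code KEYSTORE_EXCEPTION} if generation fails
     */
    public static void generateKeyPair(Context context) throws SecureStorageException {
        if (keyPairExists()) {
            return;
        }
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
            generateKeyPairForMarshmallow(context);
        } else {
            // Project helper applied only on pre-23 devices before the key is generated.
            PRNGFixes.apply();
            generateKeyPairUnderMarshmallow(context);
        }
    }

    /** Generates the key pair through {@link KeyGenParameterSpec} (API 23 and later). */
    private static void generateKeyPairForMarshmallow(Context context) throws SecureStorageException {
        try {
            applyRtlLocaleWorkaround(context);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ENCRYPTION_ALGORITHM, KEY_KEYSTORE_NAME);
            // The key is authorised for PKCS#1 v1.5 encryption padding only; no key size and no
            // user-authentication requirement are set.
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(KEY_ALIAS, KEY_PURPOSES)
                    .setEncryptionPaddings("PKCS1Padding")
                    .build());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
        }
    }

    /** Generates the key pair through {@link KeyPairGeneratorSpec} (below API 23). */
    private static void generateKeyPairUnderMarshmallow(Context context) throws SecureStorageException {
        try {
            applyRtlLocaleWorkaround(context);
            Calendar notBefore = Calendar.getInstance();
            Calendar notAfter = Calendar.getInstance();
            notAfter.add(Calendar.YEAR, CERTIFICATE_VALIDITY_YEARS);
            // The self-signed certificate only carries the public key; subject and serial
            // number are fixed values. setEncryptionRequired() is not called on the builder.
            KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(context)
                    .setAlias(KEY_ALIAS)
                    .setSubject(new X500Principal(KEY_X500PRINCIPAL))
                    .setSerialNumber(BigInteger.TEN)
                    .setStartDate(notBefore.getTime())
                    .setEndDate(notAfter.getTime())
                    .build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ENCRYPTION_ALGORITHM, KEY_KEYSTORE_NAME);
            keyPairGenerator.initialize(spec);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
        }
    }

    /**
     * Switches the default locale to {@link Locale#US} when the layout direction is
     * right-to-left.
     *
     * <p>NOTE(review): presumably this works around key generation failing under RTL locales;
     * confirm. {@link Locale#setDefault(Locale)} affects the whole process and the previous
     * default is not restored, so locale-sensitive code elsewhere in the app is affected too.
     */
    private static void applyRtlLocaleWorkaround(Context context) {
        if (isRTL(context)) {
            Locale.setDefault(Locale.US);
        }
    }

    /**
     * Creates the RSA cipher from the provider matching the platform version:
     * {@code AndroidKeyStoreBCWorkaround} on API 23 and later, {@code AndroidOpenSSL} below.
     */
    private static Cipher newCipher() throws java.security.GeneralSecurityException {
        String provider = Build.VERSION.SDK_INT >= Build.VERSION_CODES.M
                ? KEY_CIPHER_MARSHMALLOW_PROVIDER
                : KEY_CIPHER_JELLYBEAN_PROVIDER;
        return Cipher.getInstance(KEY_TRANSFORMATION_ALGORITHM, provider);
    }

    /** Loads the {@code AndroidKeyStore} keystore. */
    private static KeyStore getKeyStoreInstance() throws SecureStorageException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_KEYSTORE_NAME);
            keyStore.load(null);
            return keyStore;
        } catch (Exception e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
        }
    }

    /**
     * Returns the private key stored under the library alias.
     *
     * @throws SecureStorageException with {@code INTERNAL_LIBRARY_EXCEPTION} when no key pair
     *     exists, or {@code KEYSTORE_EXCEPTION} when the keystore lookup fails
     */
    private static PrivateKey getPrivateKey(Context context) throws SecureStorageException {
        try {
            if (keyPairExists()) {
                return (PrivateKey) getKeyStoreInstance().getKey(KEY_ALIAS, null);
            }
            throw new SecureStorageException(context.getString(R.string.message_keypair_does_not_exist), null, SecureStorageException.ExceptionType.INTERNAL_LIBRARY_EXCEPTION);
        } catch (SecureStorageException e) {
            // Already classified; without this clause the generic handler below would
            // re-label the "key pair missing" error as KEYSTORE_EXCEPTION.
            throw e;
        } catch (Exception e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
        }
    }

    /**
     * Returns the public key from the certificate stored under the library alias.
     *
     * @throws SecureStorageException with {@code INTERNAL_LIBRARY_EXCEPTION} when no key pair
     *     exists, or {@code KEYSTORE_EXCEPTION} when the keystore lookup fails
     */
    private static PublicKey getPublicKey(Context context) throws SecureStorageException {
        try {
            if (keyPairExists()) {
                return getKeyStoreInstance().getCertificate(KEY_ALIAS).getPublicKey();
            }
            throw new SecureStorageException(context.getString(R.string.message_keypair_does_not_exist), null, SecureStorageException.ExceptionType.INTERNAL_LIBRARY_EXCEPTION);
        } catch (SecureStorageException e) {
            // Already classified; keep the original exception type.
            throw e;
        } catch (Exception e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
        }
    }

    /** Returns whether the current configuration's layout direction is right-to-left. */
    private static boolean isRTL(Context context) {
        // 1 is the value of View.LAYOUT_DIRECTION_RTL; View is not imported by this file.
        return context.getResources().getConfiguration().getLayoutDirection() == 1;
    }

    /**
     * Reports whether a key is stored under the library alias.
     *
     * @return {@code true} if the keystore returns a key for the alias; {@code false} if it
     *     returns none or the lookup fails with a keystore or unrecoverable-key error
     * @throws SecureStorageException with {@code KEYSTORE_EXCEPTION} if the keystore cannot be
     *     loaded or the key algorithm is unavailable
     */
    public static boolean keyPairExists() throws SecureStorageException {
        try {
            return getKeyStoreInstance().getKey(KEY_ALIAS, null) != null;
        } catch (KeyStoreException | UnrecoverableKeyException ignored) {
            // Deliberate best effort: an unreadable entry is reported as "no key pair".
            return false;
        } catch (NoSuchAlgorithmException e) {
            throw new SecureStorageException(e.getMessage(), e, SecureStorageException.ExceptionType.KEYSTORE_EXCEPTION);
        }
    }
}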
