package y;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.ayoba.ayoba.common.exception.EncryptionFailException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.security.auth.x500.X500Principal;
import org.jivesoftware.smack.util.StringUtils;
import org.jivesoftware.smackx.message_markup.element.MarkupElement;

/* compiled from: KeystoreHelper.kt */
/* loaded from: classes3.dex */
public final class pi7 {
    public static final pi7 a = new pi7();

    public final String a(Context context, String str, String str2) throws Exception {
        Cipher cipher;
        h86.e(context, "context");
        h86.e(str, "encryptedText");
        h86.e(str2, "iv");
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                cipher = Cipher.getInstance("AES/GCM/NoPadding", "AndroidKeyStoreBCWorkaround");
                h86.d(cipher, "Cipher.getInstance(\n    …ROVIDER\n                )");
                byte[] decode = Base64.decode(str2, 0);
                cipher.init(2, f(), new GCMParameterSpec(128, decode, 0, decode.length));
            } else {
                Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                h86.d(cipher2, "Cipher.getInstance(TRANSFORMATION_ASYMMETRIC)");
                KeyPair d = d(context, e());
                cipher2.init(2, d != null ? d.getPrivate() : null);
                cipher = cipher2;
            }
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                try {
                    int read = cipherInputStream.read();
                    if (read == -1) {
                        break;
                    }
                    arrayList.add(Byte.valueOf((byte) read));
                } finally {
                }
            }
            x36 x36Var = x36.a;
            m66.a(cipherInputStream, null);
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i = 0; i < size; i++) {
                bArr[i] = ((Number) arrayList.get(i)).byteValue();
            }
            return new String(bArr, 0, size, ha6.a);
        } catch (Exception e) {
            throw new Exception(e.getMessage());
        }
    }

    public final String b(Context context, String str, k76<? super String, x36> k76Var) throws Exception {
        Cipher cipher;
        h86.e(context, "context");
        h86.e(str, "plainText");
        h86.e(k76Var, "setIv");
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                cipher = Cipher.getInstance("AES/GCM/NoPadding", "AndroidKeyStoreBCWorkaround");
                h86.d(cipher, "Cipher.getInstance(\n    …ROVIDER\n                )");
                cipher.init(1, f());
                String encodeToString = Base64.encodeToString(cipher.getIV(), 0);
                h86.d(encodeToString, "encryptionIv");
                k76Var.invoke(encodeToString);
            } else {
                Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                h86.d(cipher2, "Cipher.getInstance(TRANSFORMATION_ASYMMETRIC)");
                KeyPair d = d(context, e());
                cipher2.init(1, d != null ? d.getPublic() : null);
                cipher = cipher2;
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            Charset forName = Charset.forName(StringUtils.UTF8);
            h86.d(forName, "Charset.forName(charsetName)");
            byte[] bytes = str.getBytes(forName);
            h86.d(bytes, "(this as java.lang.String).getBytes(charset)");
            cipherOutputStream.write(bytes);
            cipherOutputStream.flush();
            cipherOutputStream.close();
            String encodeToString2 = Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
            h86.d(encodeToString2, "Base64.encodeToString(ou…eArray(), Base64.DEFAULT)");
            return encodeToString2;
        } catch (Exception e) {
            throw new Exception(e.getMessage());
        }
    }

    @TargetApi(23)
    public final void c() {
        try {
            if (e().containsAlias("BACKUP_PIN_ALIAS")) {
                return;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder("BACKUP_PIN_ALIAS", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build());
            keyGenerator.generateKey();
        } catch (Exception e) {
            throw new Exception(e.getMessage());
        }
    }

    public final KeyPair d(Context context, KeyStore keyStore) {
        if (keyStore.containsAlias("BACKUP_PIN_ALIAS")) {
            KeyStore.Entry entry = keyStore.getEntry("BACKUP_PIN_ALIAS", null);
            Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            Certificate certificate = privateKeyEntry.getCertificate();
            h86.d(certificate, "privateKeyEntry.certificate");
            PublicKey publicKey = certificate.getPublicKey();
            Objects.requireNonNull(publicKey, "null cannot be cast to non-null type java.security.PublicKey");
            PrivateKey privateKey = privateKeyEntry.getPrivateKey();
            Objects.requireNonNull(privateKey, "null cannot be cast to non-null type java.security.PrivateKey");
            return new KeyPair(publicKey, privateKey);
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias("BACKUP_PIN_ALIAS").setSubject(new X500Principal("CN=$")).setSerialNumber(BigInteger.TEN);
        h86.d(calendar, MarkupElement.MarkupChildElement.ATTR_START);
        KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
        h86.d(calendar2, "end");
        KeyPairGeneratorSpec build = startDate.setEndDate(calendar2.getTime()).build();
        h86.d(build, "KeyPairGeneratorSpec.Bui…                 .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        return keyPairGenerator.generateKeyPair();
    }

    public final KeyStore e() throws Exception {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            h86.d(keyStore, "keyStore");
            return keyStore;
        } catch (Exception e) {
            throw new Exception(e.getMessage());
        }
    }

    public final SecretKey f() throws Exception {
        try {
            if (!g()) {
                throw new EncryptionFailException();
            }
            Key key = e().getKey("BACKUP_PIN_ALIAS", null);
            if (key != null) {
                return (SecretKey) key;
            }
            throw new NullPointerException("null cannot be cast to non-null type javax.crypto.SecretKey");
        } catch (Exception e) {
            throw new Exception(e.getMessage());
        }
    }

    public final boolean g() throws Exception {
        try {
            return e().getKey("BACKUP_PIN_ALIAS", null) != null;
        } catch (KeyStoreException | UnrecoverableKeyException unused) {
            return false;
        } catch (NoSuchAlgorithmException e) {
            throw new Exception(e.getMessage());
        }
    }
}
