package com.softeqlab.aigenisexchange.security;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.StrongBoxUnavailableException;
import com.example.aigenis.tools.utils.Constants;
import io.fabric.sdk.android.services.common.CommonUtils;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: GraphicCryptoApi19.kt */
@Metadata(d1 = {"\u0000L\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\b\u0016\u0018\u00002\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0010\u0010\u000e\u001a\u00020\u000f2\u0006\u0010\u0002\u001a\u00020\u0003H\u0003J\u0010\u0010\u0010\u001a\u00020\u000f2\u0006\u0010\u0002\u001a\u00020\u0003H\u0002J\u0018\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u00122\u0006\u0010\u0014\u001a\u00020\u0012H\u0016J\u0018\u0010\u0015\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u00122\u0006\u0010\u0014\u001a\u00020\u0012H\u0016J\b\u0010\u0016\u001a\u00020\u0017H\u0002J\b\u0010\u0018\u001a\u00020\u0019H\u0002J\b\u0010\u001a\u001a\u00020\u001bH\u0002J\u0016\u0010\u001c\u001a\u00020\u001d2\u0006\u0010\u001e\u001a\u00020\u00122\u0006\u0010\u001f\u001a\u00020\u0006J\u000e\u0010 \u001a\u00020\u00122\u0006\u0010!\u001a\u00020\u001dR\u000e\u0010\u0005\u001a\u00020\u0006X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0006X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\u0006X\u0082D¢\u0006\u0002\n\u0000R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\t\u0010\nR\u0016\u0010\u000b\u001a\n \r*\u0004\u0018\u00010\f0\fX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\""}, d2 = {"Lcom/softeqlab/aigenisexchange/security/GraphicCryptoApi19;", "Lcom/softeqlab/aigenisexchange/security/GraphicCrypto;", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", "KEYSTORE_PROVIDER_ANDROID", "", "KEY_ALIAS", "TYPE_RSA", "getContext", "()Landroid/content/Context;", "ks", "Ljava/security/KeyStore;", "kotlin.jvm.PlatformType", "createKeys", "", "createRSAKeysIfNeeded", "decrypt", "", "byteArray", "iv", "encrypt", "getPrivateKey", "Ljava/security/PrivateKey;", "getPublicKey", "Ljava/security/PublicKey;", "getRSACipher", "Ljavax/crypto/Cipher;", "unwrap", "Ljava/security/Key;", "wrappedKey", "algorithm", "wrap", "key", "app_serverProdRelease"}, k = 1, mv = {1, 6, 0}, xi = 48)
/* loaded from: classes3.dex */
public class GraphicCryptoApi19 implements GraphicCrypto {
    private final String KEYSTORE_PROVIDER_ANDROID;
    private final String KEY_ALIAS;
    private final String TYPE_RSA;
    private final Context context;
    private final KeyStore ks;

    public GraphicCryptoApi19(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.context = context;
        this.KEYSTORE_PROVIDER_ANDROID = Constants.KEY_STORE;
        this.KEY_ALIAS = "GRAPHIC_KEY";
        this.TYPE_RSA = "RSA";
        KeyStore keyStore = KeyStore.getInstance(Constants.KEY_STORE);
        this.ks = keyStore;
        keyStore.load(null, null);
        createRSAKeysIfNeeded(this.context);
    }

    private final void createKeys(Context context) throws Exception {
        KeyGenParameterSpec keyGenParameterSpec;
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.TYPE_RSA, this.KEYSTORE_PROVIDER_ANDROID);
        if (Build.VERSION.SDK_INT < 23) {
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(this.KEY_ALIAS).setSubject(new X500Principal("CN=" + this.KEY_ALIAS)).setSerialNumber(BigInteger.valueOf(1L)).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            Intrinsics.checkNotNullExpressionValue(build, "{\n\n            KeyPairGe…       .build()\n        }");
            keyGenParameterSpec = build;
        } else {
            KeyGenParameterSpec.Builder certificateNotAfter = new KeyGenParameterSpec.Builder(this.KEY_ALIAS, 3).setCertificateSubject(new X500Principal("CN=" + this.KEY_ALIAS)).setDigests(CommonUtils.SHA256_INSTANCE).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.valueOf(1L)).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime());
            Intrinsics.checkNotNullExpressionValue(certificateNotAfter, "Builder(\n               …ificateNotAfter(end.time)");
            if (Build.VERSION.SDK_INT >= 28) {
                certificateNotAfter.setIsStrongBoxBacked(true);
            }
            KeyGenParameterSpec build2 = certificateNotAfter.build();
            Intrinsics.checkNotNullExpressionValue(build2, "{\n            val builde…builder.build()\n        }");
            keyGenParameterSpec = build2;
        }
        try {
            keyPairGenerator.initialize(keyGenParameterSpec);
            keyPairGenerator.generateKeyPair();
        } catch (StrongBoxUnavailableException unused) {
            KeyGenParameterSpec build3 = new KeyGenParameterSpec.Builder(this.KEY_ALIAS, 3).setCertificateSubject(new X500Principal("CN=" + this.KEY_ALIAS)).setDigests(CommonUtils.SHA256_INSTANCE).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.valueOf(1L)).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).build();
            Intrinsics.checkNotNullExpressionValue(build3, "Builder(\n               …\n                .build()");
            keyPairGenerator.initialize(build3);
            keyPairGenerator.generateKeyPair();
        }
    }

    private final void createRSAKeysIfNeeded(Context context) throws Exception {
        if (this.ks.getKey(this.KEY_ALIAS, null) == null) {
            createKeys(context);
        }
    }

    private final PrivateKey getPrivateKey() throws Exception {
        Key key = this.ks.getKey(this.KEY_ALIAS, null);
        if (key != null) {
            PrivateKey privateKey = key instanceof PrivateKey ? (PrivateKey) key : null;
            if (privateKey != null) {
                return privateKey;
            }
            throw new Exception("Not an instance of a PrivateKey");
        }
        throw new Exception("No key found under alias: " + this.KEY_ALIAS);
    }

    private final PublicKey getPublicKey() throws Exception {
        Certificate certificate = this.ks.getCertificate(this.KEY_ALIAS);
        if (certificate == null) {
            throw new Exception("No certificate found under alias: " + this.KEY_ALIAS);
        }
        PublicKey publicKey = certificate.getPublicKey();
        if (publicKey != null) {
            return publicKey;
        }
        throw new Exception("No key found under alias: " + this.KEY_ALIAS);
    }

    private final Cipher getRSACipher() throws Exception {
        if (Build.VERSION.SDK_INT < 23) {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            Intrinsics.checkNotNullExpressionValue(cipher, "{\n            Cipher.get…e or public key\n        }");
            return cipher;
        }
        Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
        Intrinsics.checkNotNullExpressionValue(cipher2, "{\n            Cipher.get…oreBCWorkaround\n        }");
        return cipher2;
    }

    @Override // com.softeqlab.aigenisexchange.security.GraphicCrypto
    public byte[] decrypt(byte[] byteArray, byte[] iv) throws Exception {
        Intrinsics.checkNotNullParameter(byteArray, "byteArray");
        Intrinsics.checkNotNullParameter(iv, "iv");
        PrivateKey privateKey = getPrivateKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(2, privateKey, new IvParameterSpec(iv));
        byte[] doFinal = rSACipher.doFinal(byteArray);
        Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(byteArray)");
        return doFinal;
    }

    @Override // com.softeqlab.aigenisexchange.security.GraphicCrypto
    public byte[] encrypt(byte[] byteArray, byte[] iv) throws Exception {
        Intrinsics.checkNotNullParameter(byteArray, "byteArray");
        Intrinsics.checkNotNullParameter(iv, "iv");
        PublicKey publicKey = getPublicKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(1, publicKey, new IvParameterSpec(iv));
        byte[] doFinal = rSACipher.doFinal(byteArray);
        Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(byteArray)");
        return doFinal;
    }

    public final Context getContext() {
        return this.context;
    }

    public final Key unwrap(byte[] wrappedKey, String algorithm) throws Exception {
        Intrinsics.checkNotNullParameter(wrappedKey, "wrappedKey");
        Intrinsics.checkNotNullParameter(algorithm, "algorithm");
        PrivateKey privateKey = getPrivateKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(4, privateKey);
        Key unwrap = rSACipher.unwrap(wrappedKey, algorithm, 3);
        Intrinsics.checkNotNullExpressionValue(unwrap, "cipher.unwrap(wrappedKey…rithm, Cipher.SECRET_KEY)");
        return unwrap;
    }

    public final byte[] wrap(Key key) throws Exception {
        Intrinsics.checkNotNullParameter(key, "key");
        PublicKey publicKey = getPublicKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(3, publicKey);
        byte[] wrap = rSACipher.wrap(key);
        Intrinsics.checkNotNullExpressionValue(wrap, "cipher.wrap(key)");
        return wrap;
    }
}
