package org.xbet.client1.util.keystore;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.huawei.hms.push.constant.RemoteMessageConst;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;
import kotlin.b0.d.e0;
import kotlin.b0.d.h;
import kotlin.b0.d.l;
import org.spongycastle.asn1.x509.a;
import org.spongycastle.cert.b;
import org.spongycastle.cert.c;
import org.spongycastle.operator.d.d;
import org.xbet.client1.presentation.application.ApplicationLoader;

/* compiled from: KeyStoreCompat.kt */
/* loaded from: classes3.dex */
public final class KeyStoreCompat {
    public static final String ALIAS = "1xBetorg.xbet.client1";
    public static final Companion Companion = new Companion(null);
    private static final String FILE_NAME = "trash";
    private static final String KEYSTORE_NAME = "AndroidKeyStore";
    private final KeyStore keyStore;

    /* compiled from: KeyStoreCompat.kt */
    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(h hVar) {
            this();
        }

        public final char[] getPassword() {
            String l2 = ApplicationLoader.f7912p.a().W().l().l();
            if (l2 == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            char[] charArray = l2.toCharArray();
            l.e(charArray, "(this as java.lang.String).toCharArray()");
            return charArray;
        }
    }

    public KeyStoreCompat() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_NAME);
        l.e(keyStore, "getInstance(KEYSTORE_NAME)");
        this.keyStore = keyStore;
    }

    private final X509Certificate generateCertificate(KeyPair keyPair) throws Exception {
        Calendar calendar = Calendar.getInstance(Locale.ENGLISH);
        Calendar calendar2 = Calendar.getInstance(Locale.ENGLISH);
        calendar2.add(1, 5);
        c cVar = new c(new org.spongycastle.asn1.l2.c("CN=1xBetorg.xbet.client1"), BigInteger.valueOf(System.currentTimeMillis()), calendar.getTime(), calendar2.getTime(), new org.spongycastle.asn1.l2.c("CN=1xBetorg.xbet.client1"), org.spongycastle.asn1.x509.h.n(keyPair.getPublic().getEncoded()));
        a b = new org.spongycastle.operator.c().b("SHA1withRSA");
        b a = cVar.a(new d(b, new org.spongycastle.operator.b().a(b)).b(org.spongycastle.crypto.l.a.b(keyPair.getPrivate().getEncoded())));
        org.spongycastle.cert.d.c cVar2 = new org.spongycastle.cert.d.c();
        cVar2.b("BC");
        X509Certificate a2 = cVar2.a(a);
        l.e(a2, "JcaX509CertificateConverter().setProvider(\"BC\").getCertificate(certHolder)");
        return a2;
    }

    private final void generateForApiMAndGreater() {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_NAME);
        KeyGenParameterSpec.Builder certificateSerialNumber = new KeyGenParameterSpec.Builder(ALIAS, 12).setCertificateSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
        e0 e0Var = e0.a;
        String format = String.format("CN=%s, OU=%s", Arrays.copyOf(new Object[]{ALIAS, ApplicationLoader.f7912p.a().getPackageName()}, 2));
        l.e(format, "java.lang.String.format(format, *args)");
        keyPairGenerator.initialize(certificateSerialNumber.setCertificateSubject(new X500Principal(format)).setDigests("SHA-256").setSignaturePaddings("PKCS1").setEncryptionPaddings("OAEPPadding").build());
        keyPairGenerator.generateKeyPair();
    }

    private final void generateForOlderApi() {
        ApplicationLoader a = ApplicationLoader.f7912p.a();
        Calendar calendar = Calendar.getInstance(Locale.ENGLISH);
        Calendar calendar2 = Calendar.getInstance(Locale.ENGLISH);
        calendar2.add(1, 10);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_NAME);
        KeyPairGeneratorSpec.Builder alias = new KeyPairGeneratorSpec.Builder(a).setAlias(ALIAS);
        e0 e0Var = e0.a;
        String format = String.format("CN=%s, OU=%s", Arrays.copyOf(new Object[]{ALIAS, a.getPackageName()}, 2));
        l.e(format, "java.lang.String.format(format, *args)");
        keyPairGenerator.initialize(alias.setSubject(new X500Principal(format)).setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
        keyPairGenerator.generateKeyPair();
    }

    private final void store(char[] cArr) throws Exception {
        FileOutputStream openFileOutput = ApplicationLoader.f7912p.a().openFileOutput(FILE_NAME, 0);
        this.keyStore.store(openFileOutput, cArr);
        openFileOutput.close();
    }

    public final boolean containsAlias(String str) throws KeyStoreException {
        l.f(str, "alias");
        return this.keyStore.containsAlias(str);
    }

    public final void createKeys() throws Exception {
        if (Build.VERSION.SDK_INT >= 23) {
            generateForApiMAndGreater();
        } else {
            generateForOlderApi();
        }
    }

    public final void createKeysCompat(String str) throws Exception {
        l.f(str, "algorithm");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, "BC");
        keyPairGenerator.initialize(2048);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        l.e(generateKeyPair, "keyPair");
        X509Certificate generateCertificate = generateCertificate(generateKeyPair);
        char[] password = Companion.getPassword();
        this.keyStore.setCertificateEntry(ALIAS, generateCertificate);
        this.keyStore.setKeyEntry(ALIAS, generateKeyPair.getPrivate(), password, new Certificate[]{generateCertificate});
        store(password);
    }

    public final void deleteEntry(String str) throws KeyStoreException {
        l.f(str, "alias");
        this.keyStore.deleteEntry(str);
    }

    public final KeyStore.Entry getEntry(String str) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException {
        l.f(str, "alias");
        KeyStore.Entry entry = this.keyStore.getEntry(str, null);
        l.e(entry, "keyStore.getEntry(alias, null)");
        return entry;
    }

    public final KeyStore.Entry getEntry(String str, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        l.f(str, "alias");
        l.f(cArr, "password");
        KeyStore.Entry entry = this.keyStore.getEntry(str, new KeyStore.PasswordProtection(cArr));
        l.e(entry, "keyStore.getEntry(alias, KeyStore.PasswordProtection(password))");
        return entry;
    }

    public final String getPublicKey() {
        KeyStore.Entry entry = this.keyStore.getEntry(ALIAS, null);
        if (entry == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        }
        PublicKey publicKey = ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey();
        if (publicKey == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.security.PublicKey");
        }
        String encodeToString = Base64.encodeToString(publicKey.getEncoded(), 2);
        l.e(encodeToString, "encodeToString(publicKey.encoded, Base64.NO_WRAP)");
        return encodeToString;
    }

    public final void load() throws Exception {
        this.keyStore.load(null);
    }

    public final String signData(String str) {
        l.f(str, RemoteMessageConst.DATA);
        try {
            Key key = this.keyStore.getKey(ALIAS, null);
            if (key == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
            }
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign((PrivateKey) key);
            byte[] bytes = str.getBytes(kotlin.i0.d.a);
            l.e(bytes, "(this as java.lang.String).getBytes(charset)");
            signature.update(bytes);
            byte[] sign = signature.sign();
            String encodeToString = sign != null ? Base64.encodeToString(sign, 2) : "";
            l.e(encodeToString, "{\n            val privateKey = keyStore.getKey(ALIAS, null) as PrivateKey\n            val signature: ByteArray? = Signature.getInstance(\"SHA256withRSA\").run {\n                initSign(privateKey)\n                update(data.toByteArray())\n                sign()\n            }\n            if (signature != null) {\n                Base64.encodeToString(signature, Base64.NO_WRAP)\n            } else {\n                \"\"\n            }\n        }");
            return encodeToString;
        } catch (Exception unused) {
            return "";
        }
    }

    public final boolean verifyData(String str, String str2) {
        l.f(str, RemoteMessageConst.DATA);
        l.f(str2, "signedData");
        Certificate certificate = this.keyStore.getCertificate(ALIAS);
        byte[] decode = Base64.decode(str2, 0);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(certificate);
        byte[] bytes = str.getBytes(kotlin.i0.d.a);
        l.e(bytes, "(this as java.lang.String).getBytes(charset)");
        signature.update(bytes);
        return signature.verify(decode);
    }
}
