package com.wit.wcl.sdk.crypto;

import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.adjust.sdk.Constants;
import com.wit.wcl.COMLibApp;
import com.wit.wcl.ReportManagerAPI;
import com.wit.wcl.util.COMLibPreferences;
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class CryptoProvider {
    private static final String AKS = "AndroidKeyStore";
    private static final String TAG = "COMLib.CryptoProvider";
    private static KeyStore keyStore;

    public static void deleteAES(String str) {
        COMLibPreferences.remove(COMLibApp.getContext(), str);
    }

    public static boolean exists(String str) {
        initKeyStore();
        try {
            return keyStore.containsAlias(str);
        } catch (Exception e) {
            ReportManagerAPI.error(TAG, "exists", e);
            return false;
        }
    }

    public static boolean existsAES(String str) {
        return !TextUtils.isEmpty(COMLibPreferences.getString(COMLibApp.getContext(), str, null));
    }

    public static synchronized boolean existsCacert(String str) {
        boolean z;
        synchronized (CryptoProvider.class) {
            initKeyStore();
            try {
                z = keyStore.getCertificate(str) != null;
            } catch (Exception e) {
                ReportManagerAPI.error(TAG, "existsCacert", e);
                return false;
            }
        }
        return z;
    }

    public static boolean generate(String str, String str2, int i) {
        initKeyStore();
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 15).setDigests("NONE", Constants.MD5, Constants.SHA1, "SHA-224", Constants.SHA256, "SHA-384", "SHA-512").setEncryptionPaddings("NoPadding", "PKCS1Padding", "OAEPPadding").setSignaturePaddings("PKCS1").setRandomizedEncryptionRequired(false).setKeySize(i).build();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str2, AKS);
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
            return true;
        } catch (Exception e) {
            ReportManagerAPI.error(TAG, "generate | failed to generate key pair", e);
            return false;
        }
    }

    public static void generateRSAandAESKeys(String str, String str2) throws Exception {
        if (!exists(str)) {
            generate(str, "RSA", 1024);
        } else if (!existsCacert(str)) {
            ReportManagerAPI.warn(TAG, "generateRSAandAESKeys | cacert not found for alias, generate new");
            generate(str, "RSA", 1024);
            if (existsAES(str)) {
                deleteAES(str);
            }
        }
        if (existsAES(str)) {
            return;
        }
        generateRandomAES(str, str2);
    }

    public static byte[] generateRandomAES(String str, String str2) throws Exception {
        SecureRandom secureRandom = new SecureRandom();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        try {
            keyGenerator.init(256, secureRandom);
        } catch (Exception unused) {
            try {
                keyGenerator.init(192, secureRandom);
            } catch (Exception unused2) {
                keyGenerator.init(128, secureRandom);
            }
        }
        byte[] encoded = keyGenerator.generateKey().getEncoded();
        if (encoded.length > 0) {
            COMLibPreferences.putString(COMLibApp.getContext(), str, new String(Base64.encode(xcryptPrivate(str, encoded, str2, true), 2)));
        }
        return encoded;
    }

    public static byte[] getPublicKey(String str) {
        initKeyStore();
        try {
            return keyStore.getCertificate(str).getPublicKey().getEncoded();
        } catch (Exception unused) {
            return null;
        }
    }

    private static synchronized void initKeyStore() {
        synchronized (CryptoProvider.class) {
            if (keyStore == null) {
                try {
                    KeyStore keyStore2 = KeyStore.getInstance(AKS);
                    keyStore = keyStore2;
                    keyStore2.load(null, null);
                } catch (Exception e) {
                    ReportManagerAPI.error(TAG, "initKeyStore", e);
                }
            }
        }
    }

    public static void regenerateRSAandAESKeys(String str, String str2) throws Exception {
        initKeyStore();
        generate(str, "RSA", 1024);
        if (existsAES(str)) {
            deleteAES(str);
        }
        generateRandomAES(str, str2);
    }

    private static byte[] sign(String str, byte[] bArr, String str2) {
        initKeyStore();
        try {
            Signature signature = Signature.getInstance(str2);
            signature.initSign((PrivateKey) keyStore.getKey(str, null));
            signature.update(bArr);
            return signature.sign();
        } catch (Exception unused) {
            return null;
        }
    }

    private static boolean storeKeyPair(String str, byte[] bArr, byte[] bArr2) {
        initKeyStore();
        try {
            Certificate next = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(bArr)).iterator().next();
            keyStore.setKeyEntry(str, KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr2)), null, new Certificate[]{next});
            return exists(str);
        } catch (Exception unused) {
            return false;
        }
    }

    public static byte[] xcryptPrivate(String str, byte[] bArr, String str2, boolean z) throws Exception {
        initKeyStore();
        Cipher cipher = Cipher.getInstance(str2);
        if (z) {
            cipher.init(1, keyStore.getCertificate(str).getPublicKey());
        } else {
            cipher.init(2, keyStore.getKey(str, null));
        }
        return cipher.doFinal(bArr);
    }

    public static byte[] xcryptPrivateAES(String str, byte[] bArr, String str2, boolean z) throws Exception {
        if (bArr == null || bArr.length == 0) {
            return bArr;
        }
        initKeyStore();
        byte[] xcryptPrivate = xcryptPrivate(str, Base64.decode(COMLibPreferences.getString(COMLibApp.getContext(), str, null), 2), str2, false);
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(z ? 1 : 2, new SecretKeySpec(xcryptPrivate, "AES"));
        return cipher.doFinal(bArr);
    }
}
