package com.initech.fido.utils;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import androidx.annotation.RequiresApi;
import com.initech.provider.crypto.InitechProvider;
import com.initech.provider.crypto.rsa.RSAPublicKeyImpl;
import com.ssg.base.data.entity.common.planshopdetail.PlanShopInfo;
import defpackage.os6;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.Enumeration;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes4.dex */
public class KeyManager {
    @RequiresApi(api = 23)
    public static void a(String str, boolean z) throws Exception {
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder randomizedEncryptionRequired;
        KeyGenParameterSpec.Builder userAuthenticationRequired;
        KeyGenParameterSpec build;
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        blockModes = os6.a(str, 3).setBlockModes("CBC");
        encryptionPaddings = blockModes.setEncryptionPaddings("PKCS7Padding");
        randomizedEncryptionRequired = encryptionPaddings.setRandomizedEncryptionRequired(false);
        userAuthenticationRequired = randomizedEncryptionRequired.setUserAuthenticationRequired(z);
        if (Build.VERSION.SDK_INT >= 24) {
            userAuthenticationRequired.setInvalidatedByBiometricEnrollment(z);
        }
        build = userAuthenticationRequired.build();
        keyGenerator.init(build);
        keyGenerator.generateKey();
    }

    @RequiresApi(api = 24)
    public static boolean checkKeyInvalidated(Context context) {
        boolean isKeyInvalidated = isKeyInvalidated(context);
        if (isKeyInvalidated) {
            return isKeyInvalidated;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                cipher.init(1, keyStore.getKey(aliases.nextElement(), null));
            }
            return isKeyInvalidated;
        } catch (KeyPermanentlyInvalidatedException unused) {
            setKeyInvalidated(context, true);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return isKeyInvalidated;
        }
    }

    public static byte[] getDERPublicKey(byte[] bArr) {
        try {
            RSAPublicKeyImpl rSAPublicKeyImpl = new RSAPublicKeyImpl(bArr);
            byte[] byteArray = rSAPublicKeyImpl.getModulus().toByteArray();
            byte[] byteArray2 = rSAPublicKeyImpl.getPublicExponent().toByteArray();
            byte[] bArr2 = new byte[byteArray2.length + 256];
            System.arraycopy(byteArray, 1, bArr2, 0, 256);
            System.arraycopy(byteArray2, 0, bArr2, 256, byteArray2.length);
            return bArr2;
        } catch (InvalidKeyException e) {
            Logger.d("com.initech.fido.utils.KeyManager", "KeyManager.getDERPublicKey -> DER 공개키 생성 실패[Exception : " + e.getMessage() + "]");
            return null;
        }
    }

    public static boolean isKeyInvalidated(Context context) {
        return Boolean.parseBoolean(PreferenceManager.getInstance(context.getApplicationContext()).getString(PreferenceManager.PREFERENCE_KEY_BIO_INVALIDATED, PlanShopInfo.NOT_SHOW_END_PLANSHOP_LAYER));
    }

    @RequiresApi(api = 23)
    public static boolean keystoreContainsAlias(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        return keyStore.containsAlias(str);
    }

    public static void keystoreDelete(Context context, boolean z, String str) {
        if (z || (Build.VERSION.SDK_INT >= 24 && isKeyInvalidated(context))) {
            keystoreDelete(str);
        }
    }

    public static void keystoreDelete(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (Exception unused) {
        }
    }

    @RequiresApi(api = 23)
    public static void keystoreGenerateSecretKey(String str) throws Exception {
        a(str, false);
    }

    @RequiresApi(api = 23)
    public static Cipher keystoreGetDecryptCipher(Context context, String str, byte[] bArr, boolean z) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (str.contains("check") && !keyStore.containsAlias(str)) {
            a(str, z);
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, keyStore.getKey(str, null), new IvParameterSpec(bArr));
            return cipher;
        } catch (KeyPermanentlyInvalidatedException e) {
            setKeyInvalidated(context, true);
            throw e;
        }
    }

    @RequiresApi(api = 23)
    public static Cipher keystoreGetEncryptCipher(Context context, String str, byte[] bArr, boolean z) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (!keyStore.containsAlias(str) || (Build.VERSION.SDK_INT >= 24 && isKeyInvalidated(context))) {
            a(str, z);
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(1, keyStore.getKey(str, null), new IvParameterSpec(bArr));
        return cipher;
    }

    @RequiresApi(api = 23)
    public static SecretKey keystoreGetSecretKey(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        return (SecretKey) keyStore.getKey(str, null);
    }

    public static Object[] rsaKeyGenerator() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", InitechProvider.NAME);
            keyPairGenerator.initialize(2048);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return new Object[]{generateKeyPair.getPublic(), generateKeyPair.getPrivate()};
        } catch (Exception e) {
            Logger.d("com.initech.fido.utils.KeyManager", "KeyManager.rsaKeyGenerator -> 사용자 키 쌍 생성 실패[Exception : " + e.getMessage() + "]");
            return null;
        }
    }

    public static void setKeyInvalidated(Context context, boolean z) {
        PreferenceManager.getInstance(context.getApplicationContext()).putString(PreferenceManager.PREFERENCE_KEY_BIO_INVALIDATED, Boolean.toString(z));
    }
}
