package com.kica.android.kfido.authenticator.crypto;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyChain;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import com.kica.android.fido.uaf.auth.common.AuthException;
import com.kica.android.fido.uaf.auth.crypto.CryptoConst;
import com.kica.android.fido.uaf.util.Base64URLHelper;
import com.kica.android.kfido.asm.m;
import com.sg.openews.api.util.Hex;
import java.io.ByteArrayInputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Enumeration;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes3.dex */
public class AndroidKeyStore {

    /* renamed from: a, reason: collision with root package name */
    private Context f21276a;

    /* renamed from: b, reason: collision with root package name */
    private SharedPreferences f21277b = null;

    /* renamed from: c, reason: collision with root package name */
    private SharedPreferences.Editor f21278c = null;

    public AndroidKeyStore(Context context) {
        this.f21276a = context;
    }

    private static KeyPair a() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048, SecureRandom.getInstance("SHA1PRNG"));
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e6) {
            e6.printStackTrace();
            return null;
        }
    }

    private byte[] a(String str) {
        SharedPreferences sharedPreferences = this.f21276a.getSharedPreferences(str, 0);
        this.f21277b = sharedPreferences;
        byte[] decode = Base64URLHelper.decode(sharedPreferences.getString(str + "_IV", null));
        m.a("AndroidKeyStore", "=====================복호화 IV값==========================");
        m.a("AndroidKeyStore", "=====Dec IV : " + Hex.encode((byte[]) decode.clone()));
        return decode;
    }

    public static byte[] decryptEncryptedKeyData(KeyStore.PrivateKeyEntry privateKeyEntry, byte[] bArr) throws AuthException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKeyEntry.getPrivateKey());
            return cipher.doFinal(bArr);
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new AuthException("전달된 Key Data를 복호화하는데 실패함");
        }
    }

    public static void delHashPin() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (nextElement.contains("kica_kfido_hash_pin_")) {
                    try {
                        keyStore.deleteEntry(nextElement);
                    } catch (Exception e6) {
                        e6.printStackTrace();
                        throw new AuthException("Android KeyStore에서 delete pin iv failed");
                    }
                }
            }
        } catch (Exception e7) {
            e7.printStackTrace();
        }
    }

    public static void delRegiStatus(Context context, String str) throws AuthException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(context.getPackageName() + "_" + str);
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new AuthException("Android KeyStore에서 delete regStatus failed");
        }
    }

    public static void delUUID() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Log.e("test1111", "### alias name ::: " + nextElement);
                if (nextElement.contains("kica_kfido_pin_iv_")) {
                    try {
                        keyStore.deleteEntry(nextElement);
                    } catch (Exception e6) {
                        e6.printStackTrace();
                        throw new AuthException("Android KeyStore에서 delete pin iv failed");
                    }
                }
            }
        } catch (Exception e7) {
            e7.printStackTrace();
        }
    }

    public static void deleteHWAuthKeyPair(String str) throws AuthException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new AuthException("Android KeyStore에서 AuthKeyPair를 삭제하는데 실패함");
        }
    }

    public static byte[] encryptRawKey(RSAPublicKey rSAPublicKey, byte[] bArr) throws AuthException {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, rSAPublicKey);
            return cipher.doFinal(bArr);
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new AuthException("전달된 Key Data를 암호화하는데 실패함");
        }
    }

    public static KeyStore.PrivateKeyEntry getHWAuthKeyPair(String str) throws AuthException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new AuthException("Android KeyStore에서 AuthPrivateKey를 조회하는데 실패함");
        }
    }

    public static boolean isAndroid6() {
        return true;
    }

    @TargetApi(18)
    public static boolean isHWSupported() {
        return KeyChain.isKeyAlgorithmSupported("RSA") && KeyChain.isBoundKeyAlgorithm("RSA");
    }

    public static boolean isRegiCheck(Context context, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(context.getPackageName() + "_" + str);
        } catch (Exception e6) {
            e6.printStackTrace();
            return false;
        }
    }

    public static boolean isSearchHWAuthKey(String str) throws AuthException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(str);
        } catch (Exception e6) {
            e6.printStackTrace();
            return false;
        }
    }

    public static RSAPublicKey setHWAuthKeyPair(String str) throws AuthException {
        KeyPair a6 = a();
        if (a6 == null) {
            throw new AuthException("AuthKeyPair 생성에 실패하였음");
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(CryptoConst.CERT_X509).generateCertificate(new ByteArrayInputStream(Base64.decode("MIIDkjCCAnqgAwIBAgIBGTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJLUjEWMBQGA1UEChMNRHJlYW1zZWN1cml0eTEUMBIGA1UEAwwLRklET19ST09UQ0EwHhcNMTYwMzI4MDAwMDAwWhcNMzYwMzI3MjM1OTU5WjA5MQswCQYDVQQGEwJLUjEWMBQGA1UEChMNRHJlYW1zZWN1cml0eTESMBAGA1UEAwwJMDAyMCNBMTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMTrt/qaxQSYUvH84o4tkJmFVOAY0U5PemKGJiz2Ky5QLq6isNd3bkXRGiwYCYhLR60im8b9s05vfsi9wKpl8kV7hrP2UHuMQE+FcA7Onc4Z5gI9lTxe2l3nkX0I2t5lG4nlzzhSu4FqnhRJ9rxNoMlrfxc/bj7dq5Pk6m2bkdM71fqN8VcrAuCc+L0IC0TYPLpyp5g1M00Ohh9EPL87h0kP1mBxgtOP0JD+EGfoOO56bpIOt4uG/LSImyfyi9fhJGc4AOyYoixtTORicaY/Mw7PBpqxqOgDnaErhjqgPP/7DsiJQu/4jSCYSWi6vN2OesKPTknPS3qik3EOn3g1pwIDAQABo4GiMIGfMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAVJqm77Hptj+5CnAJBgiSCwm7fXMGMGA1UdIwRcMFqAFAkGLs99B+eiW+8DQTJ63olFjtszoT+kPTA7MQswCQYDVQQGEwJLUjEWMBQGA1UEChMNRHJlYW1zZWN1cml0eTEUMBIGA1UEAwwLRklET19ST09UQ0GCAQEwDgYDVR0PAQH/BAQDAgbAMA0GCSqGSIb3DQEBCwUAA4IBAQAx3I6T5BJVTTofzLHcNUURRv8hescV9M6XgGqIpmEHpWhCAWs0b9mFNY4UPbEynK0mqJFs8ACA9mzUFEzJ2ZBGwtaoSP/dSwpAB8hn5E2CSvQQCXrHjQprlh/Qajqf34sD6+ffAzeqvmJ8LZ2rzvIyMmTt5vGqzLvX/5UlM2gpNUzuWQiExoZ6rcfn8okVbqY9qzov47UNcSJsVLQoSpovl1zlUUHW783XnFZD9lCj37vWkL3hyEqXOb1+j1A9nPF3uFARv9M006MNBoHtQ0ARrDtSbKlxZo2jIEuSp2++RhGkOUDf8vheG1kxKvsdydA0mADywgZO+kDSthNQ9k/p".getBytes(), 0)));
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.setKeyEntry(str, a6.getPrivate(), null, new Certificate[]{x509Certificate});
            return (RSAPublicKey) a6.getPublic();
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new AuthException("Android KeyStore에 AuthKeyPair를 저장하는데 실패함");
        }
    }

    @TargetApi(23)
    public static SecretKey setRegiStatus(Context context, String str) throws Exception {
        if (isRegiCheck(context, str)) {
            delRegiStatus(context, str);
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance(CryptoConst.ALG_AES, "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder(context.getPackageName() + "_" + str, 3).setKeySize(256).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
        return keyGenerator.generateKey();
    }

    public byte[] decryptEncryptedKeyData_M(SecretKey secretKey, byte[] bArr, String str) throws Exception {
        try {
            m.a("AndroidKeyStore", "=====================Dec IV값==========================");
            m.a("AndroidKeyStore", "=====IV : " + Hex.encode((byte[]) a(str).clone()));
            m.a("AndroidKeyStore", "=====Enc Data : " + Hex.encode((byte[]) bArr.clone()));
            m.a("AndroidKeyStore", "=====Cipher Init Start");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            m.a("AndroidKeyStore", "=====Cipher Init End");
            m.a("AndroidKeyStore", "=====Cipher IV Start");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(a(str));
            m.a("AndroidKeyStore", "=====Cipher IV End");
            m.a("AndroidKeyStore", "=====Cipher Decrypt init Start");
            cipher.init(2, secretKey, ivParameterSpec);
            m.a("AndroidKeyStore", "=====Cipher Decrypt init End");
            m.a("AndroidKeyStore", "=====Cipher Decrypt doFinal Start");
            byte[] doFinal = cipher.doFinal(bArr);
            m.a("AndroidKeyStore", "=====Cipher Decrypt doFinal End");
            return doFinal;
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new Exception("전달된 Key Data를 복호화하는데 실패함");
        }
    }

    public byte[] encryptRawKey_M(SecretKey secretKey, byte[] bArr, String str) throws Exception {
        m.a("AndroidKeyStore", "=====================실제 암호화 데이터==========================");
        m.a("AndroidKeyStore", "=====real WrapKey : " + Hex.encode((byte[]) bArr.clone()));
        m.a("AndroidKeyStore", "=====================암호화 Enc Cipher Start==========================");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        m.a("AndroidKeyStore", "=====================암호화 Enc Cipher End==========================");
        m.a("AndroidKeyStore", "=====================암호화 Enc init Start==========================");
        cipher.init(1, secretKey);
        m.a("AndroidKeyStore", "=====================암호화 Enc init End==========================");
        m.a("AndroidKeyStore", "=====================암호화 Enc dofinal Start==========================");
        byte[] doFinal = cipher.doFinal(bArr);
        m.a("AndroidKeyStore", "=====================암호화 Enc dofinal End==========================");
        byte[] iv = cipher.getIV();
        SharedPreferences sharedPreferences = this.f21276a.getSharedPreferences(str, 0);
        this.f21277b = sharedPreferences;
        SharedPreferences.Editor edit = sharedPreferences.edit();
        this.f21278c = edit;
        edit.putString(str + "_IV", Base64URLHelper.encodeToString(iv));
        this.f21278c.commit();
        m.a("AndroidKeyStore", "=====================암호화 IV값==========================");
        m.a("AndroidKeyStore", "=====Enc IV : " + Hex.encode((byte[]) iv.clone()));
        m.a("AndroidKeyStore", "=====================실제 암호화 IV값==========================");
        m.a("AndroidKeyStore", "=====real IV : " + Hex.encode((byte[]) iv.clone()));
        m.a("AndroidKeyStore", "=====real EncWrapKey : " + Hex.encode((byte[]) doFinal.clone()));
        return doFinal;
    }

    public SecretKey getHWAuthKey_M(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        keyStore.getEntry(str, null);
        try {
            return (SecretKey) keyStore.getKey(str, null);
        } catch (Exception e6) {
            e6.printStackTrace();
            throw new Exception("Android KeyStore에서 AuthPrivateKey를 조회하는데 실패함");
        }
    }

    @TargetApi(23)
    public SecretKey setHWAuthKeyPair_M(String str) throws Exception {
        if (isSearchHWAuthKey(str)) {
            deleteHWAuthKeyPair(str);
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance(CryptoConst.ALG_AES, "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setKeySize(256).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
        return keyGenerator.generateKey();
    }
}
