package com.crypho.plugins;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyNotYetValidException;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.UserNotAuthenticatedException;
import io.fabric.sdk.android.services.common.CommonUtils;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class RSA {
    private static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    private static final Cipher CIPHER = getCipher();
    private static final Object LOCK = new Object();

    public static void createKeyPair(Context context, String str) throws Exception {
        synchronized (LOCK) {
            String format = String.format("CN=%s, OU=%s", str, context.getPackageName());
            if (Build.VERSION.SDK_INT > 23) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(2678400).setCertificateSubject(new X500Principal(format)).setCertificateSerialNumber(BigInteger.ONE).setKeySize(2048).setDigests(CommonUtils.SHA256_INSTANCE, "SHA-512").setEncryptionPaddings("PKCS1Padding").setRandomizedEncryptionRequired(true).setInvalidatedByBiometricEnrollment(false).build());
                keyPairGenerator.generateKeyPair();
            } else {
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal(format)).setSerialNumber(BigInteger.ONE).setEncryptionRequired().setKeySize(2048).setKeyType("RSA").build();
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
                keyPairGenerator2.initialize(build);
                keyPairGenerator2.generateKeyPair();
            }
        }
    }

    public static byte[] decrypt(byte[] bArr, String str) throws Exception {
        byte[] doFinal;
        synchronized (LOCK) {
            initCipher(2, str);
            doFinal = CIPHER.doFinal(bArr);
        }
        return doFinal;
    }

    public static byte[] encrypt(byte[] bArr, String str) throws Exception {
        byte[] doFinal;
        synchronized (LOCK) {
            initCipher(1, str);
            doFinal = CIPHER.doFinal(bArr);
        }
        return doFinal;
    }

    private static Cipher getCipher() {
        try {
            return Cipher.getInstance("RSA/ECB/PKCS1Padding");
        } catch (Exception unused) {
            return null;
        }
    }

    private static KeyStore.PrivateKeyEntry getKeyStoreEntry(String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
        keyStore.load(null, null);
        return (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
    }

    public static void initCipher(int i, String str) throws Exception {
        initCipher(CIPHER, i, str);
    }

    private static void initCipher(Cipher cipher, int i, String str) throws Exception {
        Key publicKey;
        synchronized (LOCK) {
            KeyStore.PrivateKeyEntry keyStoreEntry = getKeyStoreEntry(str);
            if (keyStoreEntry == null) {
                throw new Exception("Failed to load key for " + str);
            }
            if (i == 1) {
                publicKey = keyStoreEntry.getCertificate().getPublicKey();
            } else {
                if (i != 2) {
                    throw new Exception("Invalid cipher mode parameter");
                }
                publicKey = keyStoreEntry.getPrivateKey();
            }
            cipher.init(i, publicKey);
        }
    }

    public static boolean isEntryAvailable(String str) throws UserNotAuthenticatedException {
        KeyStore.PrivateKeyEntry keyStoreEntry;
        synchronized (LOCK) {
            try {
                keyStoreEntry = getKeyStoreEntry(str);
            } catch (Exception unused) {
                return false;
            }
        }
        if (keyStoreEntry == null) {
            return false;
        }
        try {
            Cipher cipher = getCipher();
            initCipher(cipher, 1, str);
            initCipher(cipher, 2, str);
        } catch (KeyNotYetValidException | KeyPermanentlyInvalidatedException unused2) {
            return false;
        } catch (UserNotAuthenticatedException e) {
            throw e;
        } catch (Exception unused3) {
        }
        return true;
    }
}
