package tw.com.moneybook.moneybook.util;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.room.q0;
import com.google.android.gms.common.api.ApiException;
import com.google.android.gms.common.api.Status;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;
import tw.com.moneybook.moneybook.application.BasicApplication;

/* compiled from: KeyStoreUtil.kt */
/* loaded from: classes2.dex */
public final class t {
    private static final String AES_MODE = "AES/GCM/NoPadding";
    public static final t INSTANCE = new t();
    private static final String KEYSTORE_ALIAS = "MONEYBOOK_TEST_KEYSTORE";
    public static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    public static final String KEYSTORE_SIGNATURE_ALIAS = "MONEYBOOK_SIGNATURE_KEYSTORE";
    public static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static KeyStore keyStore = null;
    private static final int rsaDecryptBlock = 256;
    private static final int rsaEncryptBlock = 244;

    static {
        KeyStore keyStore2 = KeyStore.getInstance(KEYSTORE_PROVIDER);
        kotlin.jvm.internal.l.e(keyStore2, "getInstance(KEYSTORE_PROVIDER)");
        keyStore = keyStore2;
        keyStore2.load(null);
    }

    private t() {
    }

    public final void a(String alias) {
        kotlin.jvm.internal.l.f(alias, "alias");
        if (keyStore.containsAlias(alias)) {
            keyStore.deleteEntry(alias);
        }
    }

    public final String b(String plainText, String pem) {
        String x7;
        String x8;
        String x9;
        kotlin.jvm.internal.l.f(plainText, "plainText");
        kotlin.jvm.internal.l.f(pem, "pem");
        x7 = kotlin.text.p.x(pem, "-----BEGIN PUBLIC KEY-----", "", false, 4, null);
        x8 = kotlin.text.p.x(x7, "-----END PUBLIC KEY-----", "", false, 4, null);
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(new kotlin.text.f("[\n\t\\s]").b(x8, ""), 0)));
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, generatePublic);
        byte[] bytes = plainText.getBytes(kotlin.text.d.UTF_8);
        kotlin.jvm.internal.l.e(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] doFinal = cipher.doFinal(bytes);
        if (doFinal == null) {
            doFinal = new byte[0];
        }
        String encodeToString = Base64.encodeToString(doFinal, 0);
        kotlin.jvm.internal.l.d(encodeToString);
        x9 = kotlin.text.p.x(encodeToString, "\n", "", false, 4, null);
        return x9;
    }

    public final KeyPair c() {
        AlgorithmParameterSpec build;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", KEYSTORE_PROVIDER);
        if (Build.VERSION.SDK_INT >= 23) {
            build = new KeyGenParameterSpec.Builder(KEYSTORE_SIGNATURE_ALIAS, 12).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256", "SHA-384", "SHA-512").build();
            kotlin.jvm.internal.l.e(build, "{\n            KeyGenPara…       .build()\n        }");
        } else {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 3);
            build = new KeyPairGeneratorSpec.Builder(BasicApplication.Companion.a()).setAlias(KEYSTORE_SIGNATURE_ALIAS).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setSubject(new X500Principal("CN=MONEYBOOK_SIGNATURE_KEYSTORE")).setSerialNumber(BigInteger.TEN).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
            kotlin.jvm.internal.l.e(build, "{\n            val start …       .build()\n        }");
        }
        keyPairGenerator.initialize(build);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        kotlin.jvm.internal.l.e(generateKeyPair, "keyPairGenerator.generateKeyPair()");
        return generateKeyPair;
    }

    public final String d() {
        String x7;
        KeyStore.Entry entry = keyStore.getEntry(KEYSTORE_SIGNATURE_ALIAS, null);
        kotlin.jvm.internal.l.e(entry, "keyStore.getEntry(KEYSTORE_SIGNATURE_ALIAS, null)");
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            throw new ApiException(new Status(q0.MAX_BIND_PARAMETER_CNT));
        }
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        byte[] bytes = "Moneybook".getBytes(kotlin.text.d.UTF_8);
        kotlin.jvm.internal.l.e(bytes, "(this as java.lang.String).getBytes(charset)");
        signature.update(bytes);
        byte[] sign = signature.sign();
        kotlin.jvm.internal.l.e(sign, "getInstance(\"SHA256withE…         sign()\n        }");
        String encodeToString = Base64.encodeToString(sign, 0);
        kotlin.jvm.internal.l.e(encodeToString, "encodeToString(signature, Base64.DEFAULT)");
        x7 = kotlin.text.p.x(encodeToString, "\n", "", false, 4, null);
        return x7;
    }
}
