package net.ku.ku.module.common.crypto;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import ch.qos.logback.core.net.ssl.SSL;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;
import net.ku.ku.module.common.crypto.KeyStoreHelper;
import net.ku.ku.module.common.util.common.Function1;
import net.ku.ku.module.common.util.common.Function2;
import net.ku.ku.module.common.util.io.StreamUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes4.dex */
public class RSAKeySpecCompatAdapter extends KeyStoreHelper.KeySpecAdapter {
    private static final String ALGORITHM_RSA = "RSA";
    private static final String CIPHER_PROVIDER = "AndroidOpenSSL";
    private static final String CIPHER_TYPE = "RSA/ECB/PKCS1Padding";
    public static final int KEYSIZE = 256;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) RSAKeySpecCompatAdapter.class);
    private String keyAlias;
    private KeyPair keyPair_belowAPI18;
    private Function1<String, byte[]> privateKeyFun_belowAPI18;
    private Function1<String, File> publicKeyFun_belowAPI18;

    private void generateRSAKey_AboveApi23(KeyStore keyStore, String str) throws Exception {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM_RSA, "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private PrivateKey transPrivatekey(byte[] bArr) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return KeyFactory.getInstance(ALGORITHM_RSA).generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(bArr, 0)));
    }

    private PublicKey transPublickey(String str) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return KeyFactory.getInstance(ALGORITHM_RSA).generatePublic(new X509EncodedKeySpec(Base64.decode(str, 0)));
    }

    @Override // net.ku.ku.module.common.crypto.KeyStoreHelper.KeySpecAdapter
    public void createNewKey(KeyStore keyStore, String str) {
        try {
            this.keyAlias = str;
            if (Build.VERSION.SDK_INT >= 23) {
                generateRSAKey_AboveApi23(keyStore, str);
            } else if (Build.VERSION.SDK_INT < 18 || Build.VERSION.SDK_INT >= 23) {
                LOGGER.error("SDK is below 18");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM_RSA);
                keyPairGenerator.initialize(4096, SecureRandom.getInstance(SSL.DEFAULT_SECURE_RANDOM_ALGORITHM));
                this.keyPair_belowAPI18 = keyPairGenerator.generateKeyPair();
            } else {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 100);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.keyStoreHelper.context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(ALGORITHM_RSA, "AndroidKeyStore");
                keyPairGenerator2.initialize(build);
                keyPairGenerator2.generateKeyPair();
            }
        } catch (Exception e) {
            LOGGER.error("Create key error", (Throwable) e);
        }
    }

    public PrivateKey getPrivateKey(KeyStore keyStore, String str) {
        try {
            return Build.VERSION.SDK_INT >= 18 ? (PrivateKey) keyStore.getKey(str, null) : transPrivatekey(this.privateKeyFun_belowAPI18.call(str));
        } catch (Exception e) {
            LOGGER.error("Get key error.", (Throwable) e);
            return null;
        }
    }

    public PublicKey getPublicKey(KeyStore keyStore, String str) {
        FileInputStream fileInputStream;
        PublicKey transPublickey;
        FileInputStream fileInputStream2 = null;
        try {
            if (Build.VERSION.SDK_INT >= 18) {
                transPublickey = keyStore.getCertificate(str).getPublicKey();
            } else {
                fileInputStream = new FileInputStream(this.publicKeyFun_belowAPI18.call(str));
                try {
                    try {
                        transPublickey = transPublickey(StreamUtil.getStringFromStream(fileInputStream));
                        fileInputStream2 = fileInputStream;
                    } catch (Exception unused) {
                        LOGGER.error("Get key error.");
                        StreamUtil.closeStream(fileInputStream);
                        return null;
                    }
                } catch (Throwable th) {
                    th = th;
                    fileInputStream2 = fileInputStream;
                    StreamUtil.closeStream(fileInputStream2);
                    throw th;
                }
            }
            StreamUtil.closeStream(fileInputStream2);
            return transPublickey;
        } catch (Exception unused2) {
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            StreamUtil.closeStream(fileInputStream2);
            throw th;
        }
    }

    @Override // net.ku.ku.module.common.crypto.KeyStoreHelper.KeySpecAdapter
    public byte[] lock(KeyStore keyStore, String str, byte[] bArr) throws KeyNotFoundException {
        try {
            PublicKey publicKey = getPublicKey(keyStore, str);
            if (publicKey == null) {
                throw new KeyNotFoundException();
            }
            Cipher cipher = Cipher.getInstance(CIPHER_TYPE);
            cipher.init(1, publicKey);
            LOGGER.debug("Cipher provider name:" + cipher.getProvider().getName());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(bArr);
            cipherOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (KeyNotFoundException e) {
            throw e;
        } catch (Exception e2) {
            LOGGER.error("Encrypt error", (Throwable) e2);
            return new byte[0];
        }
    }

    public RSAKeySpecCompatAdapter saveKeyPair_belowAPI18(Function2<String, KeyPair, Void> function2) {
        if (Build.VERSION.SDK_INT < 18 && function2 != null) {
            try {
                function2.call(this.keyAlias, this.keyPair_belowAPI18);
            } catch (Exception unused) {
                LOGGER.warn("Save keypair error.");
            }
        }
        return this;
    }

    public RSAKeySpecCompatAdapter setPrivateKey__belowAPI18(Function1<String, byte[]> function1) {
        if (Build.VERSION.SDK_INT >= 18) {
            return this;
        }
        this.privateKeyFun_belowAPI18 = function1;
        return this;
    }

    public RSAKeySpecCompatAdapter setPublicKey_belowAPI18(Function1<String, File> function1) {
        if (Build.VERSION.SDK_INT >= 18) {
            return this;
        }
        this.publicKeyFun_belowAPI18 = function1;
        return this;
    }

    public String transPrivatekey(KeyPair keyPair) {
        return Base64.encodeToString(keyPair.getPrivate().getEncoded(), 0);
    }

    public String transPublickey(KeyPair keyPair) {
        return Base64.encodeToString(keyPair.getPublic().getEncoded(), 0);
    }

    @Override // net.ku.ku.module.common.crypto.KeyStoreHelper.KeySpecAdapter
    public byte[] unlock(KeyStore keyStore, String str, byte[] bArr) throws KeyNotFoundException {
        try {
            PrivateKey privateKey = getPrivateKey(keyStore, str);
            if (privateKey == null) {
                throw new KeyNotFoundException();
            }
            Cipher cipher = Cipher.getInstance(CIPHER_TYPE);
            cipher.init(2, privateKey);
            LOGGER.debug("Cipher provider name:" + cipher.getProvider().getName());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    byteArrayOutputStream.close();
                    return byteArrayOutputStream.toByteArray();
                }
                byteArrayOutputStream.write(read);
            }
        } catch (KeyNotFoundException e) {
            throw e;
        } catch (Exception e2) {
            LOGGER.error("Decrypt error", (Throwable) e2);
            return new byte[0];
        }
    }
}
