package com.rayark.keystoretool;

import android.content.ContextWrapper;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import androidx.annotation.NonNull;
import androidx.annotation.RequiresApi;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.Enumeration;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
final class Utilities {
    private static final int AES_BLOCK_SIZE_BIT = 128;
    private static final int AES_KEY_SIZE_BIT = 256;
    public static final String AES_MODE = "AES/CBC/PKCS7Padding";
    private static final String ANDROID_KEY_STORE_PROVIDER = "AndroidKeyStore";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String TAG = "Utilities";

    Utilities() {
    }

    @NonNull
    @RequiresApi(23)
    private static SecretKey _generateAESKeyWithCBC(@NonNull String str) {
        KeyGenerator keyGenerator;
        if (!canStoreSymmetricKeyInKeyStore()) {
            throw new UnsupportedOperationException();
        }
        try {
            keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE_PROVIDER);
        } catch (NoSuchAlgorithmException e) {
            Log.e(TAG, "Exception should not happen", e);
            throw new RuntimeException(e);
        } catch (NoSuchProviderException e2) {
            Log.w(TAG, "AndroidKeyStore provider does not exist, try default one", e2);
            try {
                keyGenerator = KeyGenerator.getInstance("AES");
            } catch (NoSuchAlgorithmException e3) {
                Log.e(TAG, "Exception should not happen", e3);
                throw new RuntimeException(e3);
            }
        }
        KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 3);
        builder.setKeySize(256).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding");
        try {
            keyGenerator.init(builder.build());
            return keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException e4) {
            Log.e(TAG, "Exception should not happen", e4);
            throw new RuntimeException(e4);
        }
    }

    @NonNull
    @RequiresApi(18)
    private static KeyPair _generateRSAKey(@NonNull String str) {
        KeyPairGenerator keyPairGenerator;
        if (!androidVersionSupported()) {
            throw new UnsupportedOperationException();
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 200);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(new ContextWrapper(null)).setAlias(str).setSubject(new X500Principal("CN=Rayark, O=Rayark Inc., OU=Engine Team")).setSerialNumber(BigInteger.valueOf(86409882L)).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        try {
            try {
                keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEY_STORE_PROVIDER);
            } catch (NoSuchAlgorithmException e) {
                Log.e(TAG, "Exception should not happen", e);
                throw new RuntimeException(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            Log.e(TAG, "Exception should not happen", e2);
            throw new RuntimeException(e2);
        } catch (NoSuchProviderException unused) {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        }
        try {
            keyPairGenerator.initialize(build);
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException e3) {
            Log.e(TAG, "KeyPairGeneratorSpec error", e3);
            throw new RuntimeException(e3);
        }
    }

    public static boolean androidVersionSupported() {
        return Build.VERSION.SDK_INT >= 18;
    }

    public static boolean canStoreSymmetricKeyInKeyStore() {
        return Build.VERSION.SDK_INT >= 23;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @RequiresApi(18)
    public static void clearKeyStore() throws IOException, CertificateException {
        if (!androidVersionSupported()) {
            throw new UnsupportedOperationException();
        }
        KeyStore loadKeyStore = loadKeyStore();
        try {
            Enumeration<String> aliases = loadKeyStore.aliases();
            while (aliases.hasMoreElements()) {
                loadKeyStore.deleteEntry(aliases.nextElement());
            }
        } catch (KeyStoreException e) {
            Log.e(TAG, "Exception should not happen", e);
            throw new RuntimeException(e);
        }
    }

    public static SecretKey generateAESKeyWithSecureRandom() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return new SecretKeySpec(bArr, "AES");
    }

    @RequiresApi(18)
    public static KeyStore loadKeyStore() throws IOException, CertificateException {
        if (!androidVersionSupported()) {
            throw new UnsupportedOperationException();
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER);
            try {
                keyStore.load(null);
                return keyStore;
            } catch (NoSuchAlgorithmException e) {
                Log.e(TAG, "Exception should not happen", e);
                throw new RuntimeException(e);
            }
        } catch (KeyStoreException e2) {
            Log.e(TAG, "Exception should not happen", e2);
            throw new RuntimeException(e2);
        }
    }

    @RequiresApi(23)
    public static SecretKey retrieveAESKeyFromKeyStore(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("alias must not be null");
        }
        if (!canStoreSymmetricKeyInKeyStore()) {
            throw new UnsupportedOperationException();
        }
        try {
            KeyStore loadKeyStore = loadKeyStore();
            try {
                if (!loadKeyStore.containsAlias(str)) {
                    return _generateAESKeyWithCBC(str);
                }
                try {
                    Key key = loadKeyStore.getKey(str, null);
                    if (key instanceof SecretKey) {
                        return (SecretKey) key;
                    }
                    Log.w(TAG, "A different type of key exists with same alias. Override it with new AES secret key");
                    return _generateAESKeyWithCBC(str);
                } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                    Log.e(TAG, "Exception should not happen", e);
                    throw new RuntimeException(e);
                }
            } catch (KeyStoreException e2) {
                Log.e(TAG, "Exception should not happen", e2);
                throw new RuntimeException(e2);
            }
        } catch (IOException | CertificateException e3) {
            Log.w(TAG, "Cannot load KeyStore", e3);
            throw new RuntimeException(e3);
        }
    }

    @RequiresApi(18)
    public static KeyPair retrieveRSAKeyFromKeyStore(@NonNull String str) {
        if (str == null) {
            throw new NullPointerException("alias must not be null");
        }
        if (!androidVersionSupported()) {
            throw new UnsupportedOperationException();
        }
        try {
            KeyStore loadKeyStore = loadKeyStore();
            try {
                if (!loadKeyStore.containsAlias(str)) {
                    return _generateRSAKey(str);
                }
                try {
                    Key key = loadKeyStore.getKey(str, null);
                    if (!(key instanceof PrivateKey)) {
                        Log.w(TAG, "A different type of key exists with same alias. Override it with new RSA private key");
                        return _generateRSAKey(str);
                    }
                    try {
                        return new KeyPair(loadKeyStore.getCertificate(str).getPublicKey(), (PrivateKey) key);
                    } catch (KeyStoreException e) {
                        Log.e(TAG, "Exception should not happen", e);
                        throw new RuntimeException(e);
                    }
                } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e2) {
                    Log.e(TAG, "Exception should not happen", e2);
                    throw new RuntimeException(e2);
                }
            } catch (KeyStoreException e3) {
                Log.e(TAG, "Exception should not happen", e3);
                throw new RuntimeException(e3);
            }
        } catch (IOException | CertificateException e4) {
            Log.w(TAG, "Cannot load KeyStore", e4);
            throw new RuntimeException(e4);
        }
    }

    public static byte[] rsaDecrypt(@NonNull Key key, @NonNull byte[] bArr) throws InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        if (bArr.length == 0) {
            return new byte[0];
        }
        try {
            Cipher cipher = Cipher.getInstance(RSA_MODE);
            cipher.init(2, key);
            return cipher.doFinal(bArr);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            Log.e(TAG, "Exception should not happen", e);
            throw new RuntimeException(e);
        }
    }

    public static byte[] rsaEncrypt(@NonNull Key key, @NonNull byte[] bArr) throws InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        try {
            Cipher cipher = Cipher.getInstance(RSA_MODE);
            cipher.init(1, key);
            return cipher.doFinal(bArr);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            Log.e(TAG, "Exception should not happen", e);
            throw new RuntimeException(e);
        }
    }
}
