package com.naver.android.techfinlib.keystore;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import com.nhn.android.myn.keystore.RSAKeyStoreImpl;
import com.nhn.android.statistics.nclicks.e;
import hq.g;
import hq.h;
import i5.x;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.a0;
import kotlin.jvm.internal.e0;
import kotlin.y;

/* compiled from: RSAKeyStoreManagerOnlyTest.kt */
@Metadata(d1 = {"\u0000H\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0013\n\u0002\u0018\u0002\n\u0002\b\u0007\bÆ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b-\u0010.J\b\u0010\u0003\u001a\u00020\u0002H\u0002J\b\u0010\u0004\u001a\u00020\u0002H\u0002J\u001a\u0010\n\u001a\u00020\t2\b\u0010\u0006\u001a\u0004\u0018\u00010\u00052\u0006\u0010\b\u001a\u00020\u0007H\u0002J\u001a\u0010\r\u001a\u00020\f2\b\u0010\u0006\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u000b\u001a\u00020\u0007H\u0002J\b\u0010\u000f\u001a\u00020\u000eH\u0002J\b\u0010\u0010\u001a\u00020\u000eH\u0002J\u0018\u0010\u0015\u001a\u00020\u00142\u0006\u0010\u0011\u001a\u00020\u00052\u0006\u0010\u0013\u001a\u00020\u0012H\u0002J(\u0010\u0017\u001a\u0004\u0018\u00010\u00072\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\u000b\u001a\u00020\u00072\u0006\u0010\b\u001a\u00020\u00072\u0006\u0010\u0016\u001a\u00020\u0007J(\u0010\u0019\u001a\u0004\u0018\u00010\u00072\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\u000b\u001a\u00020\u00072\u0006\u0010\b\u001a\u00020\u00072\u0006\u0010\u0018\u001a\u00020\u0007J\u0018\u0010\u001b\u001a\u00020\u00072\b\u0010\u0011\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u001a\u001a\u00020\u0007J\u0018\u0010\u001d\u001a\u00020\u00072\b\u0010\u0011\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u001c\u001a\u00020\u0007J\u0018\u0010\u001e\u001a\u00020\u00142\b\u0010\u0011\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u0013\u001a\u00020\u0012R\u0014\u0010 \u001a\u00020\u00058\u0006X\u0086T¢\u0006\u0006\n\u0004\b\u0019\u0010\u001fR\u0014\u0010!\u001a\u00020\u00058\u0006X\u0086T¢\u0006\u0006\n\u0004\b\u001e\u0010\u001fR\u0014\u0010\"\u001a\u00020\u00058\u0006X\u0086T¢\u0006\u0006\n\u0004\b\u0015\u0010\u001fR\u0014\u0010#\u001a\u00020\u00058\u0006X\u0086T¢\u0006\u0006\n\u0004\b\u0010\u0010\u001fR\u0014\u0010$\u001a\u00020\u00058\u0006X\u0086T¢\u0006\u0006\n\u0004\b\u000f\u0010\u001fR\u0014\u0010%\u001a\u00020\u00058\u0006X\u0086T¢\u0006\u0006\n\u0004\b\n\u0010\u001fR\u0014\u0010'\u001a\u00020\u00058\u0006X\u0086T¢\u0006\u0006\n\u0004\b&\u0010\u001fR#\u0010,\u001a\n )*\u0004\u0018\u00010(0(8FX\u0086\u0084\u0002¢\u0006\f\n\u0004\b\r\u0010*\u001a\u0004\b&\u0010+¨\u0006/"}, d2 = {"Lcom/naver/android/techfinlib/keystore/RSAKeyStoreManagerOnlyTest;", "", "", "j", "k", "", "keystoreAlias", "", "randomIv", "Ljavax/crypto/spec/IvParameterSpec;", "g", "randomAESKey", "Ljava/security/Key;", "i", "Ljavax/crypto/Cipher;", e.Id, e.Md, "alias", "Landroid/content/Context;", "context", "Lkotlin/u1;", com.facebook.login.widget.d.l, "encryptedByteArray", "a", "input", "b", "encrypted", "l", x.SECRET, "m", "c", "Ljava/lang/String;", "androidKeyStore", "mode_aes", "mode_rsa", "androidopenssl", "androidkeystorewk", "bcProvider", e.Kd, "TAG", "Ljava/security/KeyStore;", "kotlin.jvm.PlatformType", "Lkotlin/y;", "()Ljava/security/KeyStore;", "keystore", "<init>", "()V", "techfinlib_marketRelease"}, k = 1, mv = {1, 6, 0})
/* loaded from: classes3.dex */
public final class RSAKeyStoreManagerOnlyTest {

    /* renamed from: a, reason: collision with root package name */
    @g
    public static final RSAKeyStoreManagerOnlyTest f25516a = new RSAKeyStoreManagerOnlyTest();

    /* renamed from: b, reason: from kotlin metadata */
    @g
    public static final String androidKeyStore = "AndroidKeyStore";

    /* renamed from: c, reason: collision with root package name and from kotlin metadata */
    @g
    public static final String mode_aes = "AES/GCM/NoPadding";

    /* renamed from: d, reason: from kotlin metadata */
    @g
    public static final String mode_rsa = "RSA/ECB/PKCS1Padding";

    /* renamed from: e, reason: from kotlin metadata */
    @g
    public static final String androidopenssl = "AndroidOpenSSL";

    /* renamed from: f, reason: from kotlin metadata */
    @g
    public static final String androidkeystorewk = "AndroidKeyStoreBCWorkaround";

    /* renamed from: g, reason: collision with root package name and from kotlin metadata */
    @g
    public static final String bcProvider = "BC";

    /* renamed from: h, reason: collision with root package name and from kotlin metadata */
    @g
    public static final String TAG = "TechFinKeyStoreManager";

    /* renamed from: i, reason: from kotlin metadata */
    @g
    private static final y keystore;

    static {
        y c10;
        c10 = a0.c(new xm.a<KeyStore>() { // from class: com.naver.android.techfinlib.keystore.RSAKeyStoreManagerOnlyTest$keystore$2
            @Override // xm.a
            public final KeyStore invoke() {
                return KeyStore.getInstance("AndroidKeyStore");
            }
        });
        keystore = c10;
    }

    private RSAKeyStoreManagerOnlyTest() {
    }

    private final void d(String str, Context context) {
        Calendar.getInstance();
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str + kotlinx.serialization.json.internal.b.j)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        e0.o(build, "Builder(context)\n       …ime)\n            .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSAKeyStoreImpl.f, "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private final Cipher e() {
        if (k()) {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            e0.o(cipher, "{\n            Cipher.get…tance(mode_aes)\n        }");
            return cipher;
        }
        Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding", bcProvider);
        e0.o(cipher2, "getInstance(mode_aes, bcProvider)");
        return cipher2;
    }

    private final Cipher f() {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", j() ? androidkeystorewk : "AndroidOpenSSL");
        e0.o(cipher, "getInstance(mode_rsa, if…rewk else androidopenssl)");
        return cipher;
    }

    private final IvParameterSpec g(String keystoreAlias, byte[] randomIv) {
        return new IvParameterSpec(l(keystoreAlias, randomIv));
    }

    private final Key i(String keystoreAlias, byte[] randomAESKey) {
        return new SecretKeySpec(l(keystoreAlias, randomAESKey), com.navercorp.nid.crypto.b.TAG);
    }

    private final boolean j() {
        return true;
    }

    private final boolean k() {
        return Build.VERSION.SDK_INT >= 28;
    }

    @h
    public final byte[] a(@g String keystoreAlias, @g byte[] randomAESKey, @g byte[] randomIv, @g byte[] encryptedByteArray) {
        e0.p(keystoreAlias, "keystoreAlias");
        e0.p(randomAESKey, "randomAESKey");
        e0.p(randomIv, "randomIv");
        e0.p(encryptedByteArray, "encryptedByteArray");
        Cipher e = e();
        e.init(2, i(keystoreAlias, randomAESKey), g(keystoreAlias, randomIv));
        return e.doFinal(encryptedByteArray);
    }

    @h
    public final byte[] b(@g String keystoreAlias, @g byte[] randomAESKey, @g byte[] randomIv, @g byte[] input) {
        e0.p(keystoreAlias, "keystoreAlias");
        e0.p(randomAESKey, "randomAESKey");
        e0.p(randomIv, "randomIv");
        e0.p(input, "input");
        Cipher e = e();
        e.init(1, i(keystoreAlias, randomAESKey), g(keystoreAlias, randomIv));
        return e.doFinal(input);
    }

    public final void c(@h String str, @g Context context) {
        e0.p(context, "context");
        if (str == null || str.length() == 0) {
            return;
        }
        h().load(null);
        if (h().containsAlias(str)) {
            return;
        }
        d(str, context);
    }

    public final KeyStore h() {
        return (KeyStore) keystore.getValue();
    }

    @g
    public final byte[] l(@h String alias, @g byte[] encrypted) {
        int i;
        e0.p(encrypted, "encrypted");
        h().load(null);
        Cipher f = f();
        if (k()) {
            Key key = h().getKey(alias, null);
            if (key == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
            }
            f.init(2, (PrivateKey) key);
        } else {
            KeyStore.Entry entry = h().getEntry(alias, null);
            if (entry == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            }
            f.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        }
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(encrypted), f);
        ArrayList arrayList = new ArrayList();
        boolean z = true;
        while (true) {
            if (!z) {
                break;
            }
            int read = cipherInputStream.read();
            if (read == -1) {
                z = false;
            } else {
                arrayList.add(Byte.valueOf((byte) read));
            }
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (i = 0; i < size; i++) {
            bArr[i] = ((Number) arrayList.get(i)).byteValue();
        }
        return bArr;
    }

    @g
    public final byte[] m(@h String alias, @g byte[] secret) {
        e0.p(secret, "secret");
        Cipher f = f();
        h().load(null);
        if (k()) {
            f.init(1, h().getCertificate(alias).getPublicKey());
        } else {
            KeyStore.Entry entry = h().getEntry(alias, null);
            if (entry == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            }
            f.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate());
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, f);
        cipherOutputStream.write(secret);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        e0.o(byteArray, "output.toByteArray()");
        return byteArray;
    }
}
