package com.paypal.authcore.security;

import android.content.Context;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes5.dex */
public abstract class BaseSecureKeyWrapper implements SecureKeyWrapper {
    protected static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    protected static final String RSA_ALGORITHM = "RSA";

    private Signature a(String str, String str2) {
        String str3;
        String str4;
        String str5;
        Signature signature = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
            if (privateKey != null) {
                str3 = "generateSignature : PrivateKey " + privateKey.toString();
            } else {
                str3 = "generateSignature : unable to generate Private key  ";
            }
            Log.d("BaseSecureKeyWrapper", str3);
            signature = TextUtils.isEmpty(str2) ? Signature.getInstance("SHA256withECDSA") : Signature.getInstance("SHA256withECDSA", str2);
            if (signature != null) {
                Log.d("BaseSecureKeyWrapper", "generateSignature : Signature Object " + signature.toString());
                if (signature.getProvider() != null) {
                    str5 = "generateSignature : provider " + signature.getProvider().getName();
                } else {
                    str5 = "generateSignature : unable to find provider ";
                }
                Log.d("BaseSecureKeyWrapper", str5);
                str4 = "generateSignature : Signature algorithm " + signature.getAlgorithm();
            } else {
                str4 = "generateSignature : unable to generate signature ";
            }
            Log.d("BaseSecureKeyWrapper", str4);
            signature.initSign(privateKey);
            return signature;
        } catch (IOException e) {
            e = e;
            Log.d("BaseSecureKeyWrapper", "generateSignature : Exception in generateSignature" + e);
            throw new RuntimeException(e);
        } catch (InvalidKeyException e2) {
            e = e2;
            Log.d("BaseSecureKeyWrapper", "generateSignature : Exception in generateSignature" + e);
            throw new RuntimeException(e);
        } catch (KeyStoreException e3) {
            e = e3;
            Log.d("BaseSecureKeyWrapper", "generateSignature : Exception in generateSignature" + e);
            throw new RuntimeException(e);
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            Log.d("BaseSecureKeyWrapper", "generateSignature : Exception in generateSignature" + e);
            throw new RuntimeException(e);
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            Log.d("BaseSecureKeyWrapper", "generateSignature : Exception in generateSignature" + e);
            throw new RuntimeException(e);
        } catch (CertificateException e6) {
            e = e6;
            Log.d("BaseSecureKeyWrapper", "generateSignature : Exception in generateSignature" + e);
            throw new RuntimeException(e);
        } catch (Exception e7) {
            if (Build.VERSION.SDK_INT >= 23 && "android.security.keystore.UserNotAuthenticatedException".equals(e7.getClass().getName())) {
                Log.d("BaseSecureKeyWrapper", "generateSignature : UserNotAuthenticatedException in generateSignature", e7);
                return signature;
            }
            Log.d("BaseSecureKeyWrapper", "generateSignature : Exception in generateSignature" + e7);
            throw new RuntimeException(e7);
        }
    }

    private void a(Locale locale, Context context) {
        Locale.setDefault(locale);
        Resources resources = context.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }

    static byte[] a(String str) {
        if (str == null) {
            Log.d("BaseSecureKeyWrapper", "getDecryptionIv: base64EncryptedDataPrefixedByIv is null !");
            return null;
        }
        byte[] decode = Base64.decode(str, 0);
        Log.d("BaseSecureKeyWrapper", "getDecryptionIv: encryptedDataPrefixByIv is : " + Arrays.toString(decode));
        byte[] bArr = new byte[16];
        System.arraycopy(decode, 0, bArr, 0, 16);
        return bArr;
    }

    private byte[] a(Signature signature, byte[] bArr) {
        try {
            signature.update(bArr);
            return signature.sign();
        } catch (SignatureException e) {
            e.printStackTrace();
            Log.d("BaseSecureKeyWrapper", "signDataUsingSignatureObject : Exception in signDataUsingSignatureObject", e);
            throw new RuntimeException(e);
        }
    }

    private PublicKey b(String str) {
        try {
            return KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(Base64.decode(str, 9)));
        } catch (Exception e) {
            e.printStackTrace();
            Log.d("BaseSecureKeyWrapper", "exception in generating public key " + e.getMessage());
            return null;
        }
    }

    private PublicKey c(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            Certificate certificate = keyStore.getCertificate(str);
            if (certificate == null) {
                return null;
            }
            return certificate.getPublicKey();
        } catch (Exception e) {
            Log.d("BaseSecureKeyWrapper", "Exception in retrieving Public key", e);
            return null;
        }
    }

    public static String decryptDataUsingCipher(String str, Cipher cipher) {
        try {
            Log.d("BaseSecureKeyWrapper", "decryptData: base64EncryptedDataPrefixedByIv is : " + str);
            byte[] decode = Base64.decode(str, 0);
            int length = decode.length - 16;
            byte[] bArr = new byte[length];
            System.arraycopy(decode, 0, new byte[16], 0, 16);
            System.arraycopy(decode, 16, bArr, 0, length);
            String str2 = new String(cipher.doFinal(bArr));
            Log.d("BaseSecureKeyWrapper", "decryptData: Returning decrypted data : " + str2);
            return str2;
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            Log.d("BaseSecureKeyWrapper", "decryptData: Exception", e);
            return null;
        }
    }

    public static String encryptDataUsingCipher(String str, Cipher cipher) {
        try {
            byte[] doFinal = cipher.doFinal(str.getBytes());
            byte[] bArr = new byte[doFinal.length + 16];
            System.arraycopy(cipher.getIV(), 0, bArr, 0, 16);
            System.arraycopy(doFinal, 0, bArr, 16, doFinal.length);
            return Base64.encodeToString(bArr, 0);
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            Log.d("BaseSecureKeyWrapper", "Error while encrypting data: Exception", e);
            throw new RuntimeException(e);
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public String base64AndUrlSafeEncodedStringFromBytes(byte[] bArr) {
        String str = new String(Base64.encode(bArr, 11));
        Log.d("BaseSecureKeyWrapper", "Base64+URL Safe String: " + str);
        return str;
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public String decryptString(String str, String str2) {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, getPrivateKey(str));
            byte[] doFinal = cipher.doFinal(Base64.decode(str2, 0));
            if (doFinal != null) {
                return new String(doFinal);
            }
        } catch (Exception unused) {
        }
        return null;
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public String decryptStringUsingAES(SecretKey secretKey, String str) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, secretKey, new IvParameterSpec(a(str)));
            return decryptDataUsingCipher(str, cipher);
        } catch (Exception e) {
            Log.d("BaseSecureKeyWrapper", "Exception in creating cipher for decrypting String" + e.getLocalizedMessage());
            return null;
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public void deleteAsymmetricKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.d("BaseSecureKeyWrapper", "Exception while deleting key" + e.getMessage());
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public String encryptString(String str, String str2) {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, c(str));
            return Base64.encodeToString(cipher.doFinal(str2.getBytes()), 0);
        } catch (Exception e) {
            Log.d("BaseSecureKeyWrapper", "Exception in encrypting String", e);
            return null;
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public String encryptStringUsingAES(SecretKey secretKey, String str) {
        String str2;
        Cipher cipher;
        try {
            cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, secretKey);
            Log.d("BaseSecureKeyWrapper", "IV size : " + cipher.getIV().length);
        } catch (Exception e) {
            e = e;
            str2 = "Exception in creating cipher for encrypting String";
        }
        try {
            return encryptDataUsingCipher(str, cipher);
        } catch (RuntimeException e2) {
            e = e2;
            str2 = "Exception in encrypting String";
            Log.d("BaseSecureKeyWrapper", str2, e);
            return null;
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public SecretKey generateAESSecretKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            Log.d("BaseSecureKeyWrapper", "Exception in generateAESSecretKey", e);
            throw new RuntimeException(e);
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public PublicKey generatePublicKey(String str, Context context) {
        Objects.requireNonNull(str);
        PublicKey c = c(str);
        if (c != null) {
            return c;
        }
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        calendar.add(1, 1);
        Date time2 = calendar.getTime();
        Locale locale = Locale.getDefault();
        try {
            try {
                int i = Build.VERSION.SDK_INT;
                if (i == 23) {
                    a(Locale.ENGLISH, context);
                }
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM, ANDROID_KEYSTORE);
                keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias(str).setStartDate(time).setEndDate(time2).setSerialNumber(BigInteger.valueOf(1L)).setSubject(new X500Principal("CN=" + str)).build());
                PublicKey publicKey = keyPairGenerator.generateKeyPair().getPublic();
                Log.d("BaseSecureKeyWrapper", "publicKey: " + publicKey.toString());
                if (i == 23) {
                    a(locale, context);
                }
                return publicKey;
            } catch (Exception e) {
                Log.e("BaseSecureKeyWrapper", "Exception in generatePublicKey", e);
                if (Build.VERSION.SDK_INT == 23) {
                    a(locale, context);
                }
                return null;
            }
        } catch (Throwable th) {
            if (Build.VERSION.SDK_INT == 23) {
                a(locale, context);
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    public PublicKey generatePublicKey(String str, boolean z, Context context) {
        Objects.requireNonNull(str);
        int i = Build.VERSION.SDK_INT;
        if (i < 23) {
            throw new RuntimeException("Feature only supported for versions Android-M and above");
        }
        Locale locale = Locale.getDefault();
        try {
            if (i == 23) {
                try {
                    a(Locale.ENGLISH, context);
                } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                    Log.e("BaseSecureKeyWrapper", "Exception in generateAsymmetricKeyPairAndGetPublicKey", e);
                    throw new RuntimeException(e);
                }
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", ANDROID_KEYSTORE);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 4).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256").setUserAuthenticationRequired(z).build());
            PublicKey publicKey = keyPairGenerator.generateKeyPair().getPublic();
            if (i == 23) {
                a(locale, context);
            }
            return publicKey;
        } catch (Throwable th) {
            if (Build.VERSION.SDK_INT == 23) {
                a(locale, context);
            }
            throw th;
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public Signature generateSignature(String str) {
        try {
            return a(str, (String) null);
        } catch (RuntimeException e) {
            if (e.getCause() instanceof InvalidKeyException) {
                return a(str, "AndroidKeyStoreBCWorkaround");
            }
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PrivateKey getPrivateKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(str, null);
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            }
            Log.d("BaseSecureKeyWrapper", "Not an instance of a PrivateKeyEntry");
            return null;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            Log.d("BaseSecureKeyWrapper", "Exception in retrieving Private key", e);
            throw new RuntimeException(e);
        }
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public String signDataUsingSignatureObjectAndBase64Encode(Signature signature, String str) {
        String base64AndUrlSafeEncodedStringFromBytes = base64AndUrlSafeEncodedStringFromBytes(a(signature, str.getBytes()));
        Log.d("BaseSecureKeyWrapper", "encoded Signature String: " + base64AndUrlSafeEncodedStringFromBytes);
        return base64AndUrlSafeEncodedStringFromBytes;
    }

    @Override // com.paypal.authcore.security.SecureKeyWrapper
    public boolean verifySignatureUsingPublicKey(String str, byte[] bArr, String str2) {
        try {
            Signature signature = Signature.getInstance("SHA256withECDSA");
            Log.d("BaseSecureKeyWrapper", "s.getProvider(): " + signature.getProvider());
            signature.initVerify(b(str));
            signature.update(bArr);
            boolean verify = signature.verify(Base64.decode(str2, 11));
            Log.d("BaseSecureKeyWrapper", "isVerified: " + verify);
            Log.d("BaseSecureKeyWrapper", "signature verification result: " + verify);
            return verify;
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            Log.d("BaseSecureKeyWrapper", "verifySignatureUsingPublicKey : Exception in verifySignatureUsingPublicKey", e);
            return false;
        }
    }
}
