package com.vivo.b.m;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.vivo.security.utils.RSAUtils;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;

/* compiled from: KeyStoreUtil.java */
/* loaded from: classes.dex */
public class d {

    /* renamed from: a, reason: collision with root package name */
    private static int f6004a = 16;

    /* renamed from: b, reason: collision with root package name */
    private static final Object f6005b = new Object();
    private static KeyStore c;

    public static KeyStore.Entry a(String str) {
        try {
            if (c == null) {
                a();
            }
            KeyStore.Entry entry = c.getEntry(str, null);
            if ((entry instanceof KeyStore.PrivateKeyEntry) || (entry instanceof KeyStore.SecretKeyEntry)) {
                return entry;
            }
            com.vivo.b.h.a.d("KeyStoreUtil", "Not an instance of a PrivateKeyEntry or SecretKeyEntry");
            return null;
        } catch (Exception e) {
            com.vivo.b.h.a.e("KeyStoreUtil", "getKey Exception: " + e);
            return null;
        }
    }

    private static void a() throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException {
        synchronized (f6005b) {
            if (c == null) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                c = keyStore;
                keyStore.load(null);
            }
        }
    }

    private static void a(KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        if (Build.VERSION.SDK_INT < 23) {
            com.vivo.b.h.a.d("KeyStoreUtil", "the Android SDK version is below 6.0, do not generate RAS key!");
            return;
        }
        if (keyStore.containsAlias(str)) {
            return;
        }
        int size = keyStore.size();
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 10);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSAUtils.KEY_ALGORITHM, "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 15).setEncryptionPaddings("PKCS1Padding").setSignaturePaddings("PKCS1").setKeySize(2048).setKeyValidityStart(calendar.getTime()).setKeyValidityEnd(calendar2.getTime()).setCertificateSubject(new X500Principal("CN=test")).setCertificateSerialNumber(BigInteger.ONE).setDigests("SHA-256", "SHA-512").build());
        keyPairGenerator.generateKeyPair();
        int size2 = keyStore.size();
        if (com.vivo.b.h.a.f5943b) {
            com.vivo.b.h.a.a("KeyStoreUtil", "Before = " + size + " After = " + size2);
        }
    }

    public static boolean a(String str, boolean z, String str2) {
        try {
            if (c == null) {
                a();
            }
            if (z && c.containsAlias(str)) {
                b(str);
            }
            if (RSAUtils.KEY_ALGORITHM.equals(str2)) {
                a(c, str);
                return true;
            }
            if ("EC".equals(str2)) {
                b(c, str);
                return true;
            }
            c(c, str);
            return true;
        } catch (Exception e) {
            com.vivo.b.h.a.e("KeyStoreUtil", "generateKey Exception: " + e);
            return false;
        }
    }

    private static byte[] a(byte[] bArr, String str) throws GeneralSecurityException {
        KeyStore.Entry a2 = a(str);
        if (a2 == null) {
            return bArr;
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
        cipher.init(1, ((KeyStore.PrivateKeyEntry) a2).getCertificate().getPublicKey());
        return cipher.doFinal(bArr);
    }

    public static byte[] a(byte[] bArr, String str, String str2) throws GeneralSecurityException {
        if (Build.VERSION.SDK_INT < 23) {
            return bArr;
        }
        if (RSAUtils.KEY_ALGORITHM.equals(str2)) {
            return b(bArr, str);
        }
        return a(Arrays.copyOfRange(bArr, f6004a, bArr.length), str, Arrays.copyOfRange(bArr, 0, f6004a));
    }

    public static byte[] a(byte[] bArr, String str, boolean z, String str2) throws GeneralSecurityException {
        a(str, z, str2);
        return Build.VERSION.SDK_INT >= 23 ? RSAUtils.KEY_ALGORITHM.equals(str2) ? a(bArr, str) : c(bArr, str) : bArr;
    }

    private static byte[] a(byte[] bArr, String str, byte[] bArr2) throws GeneralSecurityException {
        KeyStore.Entry a2 = a(str);
        if (a2 == null) {
            return bArr;
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(2, ((KeyStore.SecretKeyEntry) a2).getSecretKey(), new IvParameterSpec(bArr2));
        return cipher.doFinal(bArr);
    }

    public static void b(String str) {
        try {
            if (c == null) {
                a();
            }
            c.deleteEntry(str);
        } catch (Exception e) {
            com.vivo.b.h.a.e("KeyStoreUtil", "deleteKey Exception: " + e);
        }
    }

    private static void b(KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        if (Build.VERSION.SDK_INT < 23) {
            com.vivo.b.h.a.d("KeyStoreUtil", "the Android SDK version is below 6.0, do not generate EC key!");
            return;
        }
        if (keyStore.containsAlias(str)) {
            return;
        }
        int size = keyStore.size();
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 10);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setDigests("SHA-256", "SHA-512").setKeyValidityStart(calendar.getTime()).setKeyValidityEnd(calendar2.getTime()).build());
        keyPairGenerator.generateKeyPair();
        int size2 = keyStore.size();
        if (com.vivo.b.h.a.f5943b) {
            com.vivo.b.h.a.a("KeyStoreUtil", "Before = " + size + " After = " + size2);
        }
    }

    private static byte[] b(byte[] bArr, String str) throws GeneralSecurityException {
        KeyStore.Entry a2 = a(str);
        if (a2 == null) {
            return bArr;
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) a2).getPrivateKey());
        return cipher.doFinal(bArr);
    }

    public static String c(String str) throws GeneralSecurityException {
        return Base64.encodeToString(a(str.getBytes(), "vhs_key_aes", false, "AES"), 0);
    }

    private static void c(KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        if (Build.VERSION.SDK_INT < 23) {
            com.vivo.b.h.a.d("KeyStoreUtil", "the Android SDK version is below 6.0, do not generate AES key!");
            return;
        }
        if (keyStore.containsAlias(str)) {
            return;
        }
        int size = keyStore.size();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setUserAuthenticationRequired(false).setEncryptionPaddings("PKCS7Padding").build());
        keyGenerator.generateKey();
        int size2 = keyStore.size();
        if (com.vivo.b.h.a.f5943b) {
            com.vivo.b.h.a.a("KeyStoreUtil", "generateAESKeyIfNeed Before = " + size + " After = " + size2);
        }
    }

    private static byte[] c(byte[] bArr, String str) throws GeneralSecurityException {
        KeyStore.Entry a2 = a(str);
        if (a2 == null) {
            return bArr;
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(1, ((KeyStore.SecretKeyEntry) a2).getSecretKey());
        byte[] iv = cipher.getIV();
        byte[] doFinal = cipher.doFinal(bArr);
        byte[] bArr2 = new byte[iv.length + doFinal.length];
        System.arraycopy(iv, 0, bArr2, 0, iv.length);
        System.arraycopy(doFinal, 0, bArr2, iv.length, doFinal.length);
        f6004a = iv.length;
        return bArr2;
    }

    public static String d(String str) throws GeneralSecurityException {
        return new String(a(Base64.decode(str, 0), "vhs_key_aes", "AES"));
    }
}
