package com.paypal.android.platform.authsdk.authcommon.partnerauth.security;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import du.c;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.m;

/* loaded from: classes3.dex */
public abstract class BaseSecureKeyWrapper implements SecureKeyWrapper {
    private static final String AES_CBC_PKCS5_ALGORITHM = "AES/CBC/PKCS5Padding";
    private static final String ALGORITHM = "EC";
    private static final String ANDROID_KESTORE_BC_WORKARROUND = "AndroidKeyStoreBCWorkaround";
    public static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final int CIPHER_IV_SIZE_IN_BYTES = 16;
    public static final Companion Companion = new Companion(null);
    private static final String EC_CURVE = "secp256r1";
    private static final String PKI_ALGORITHM = "SHA256withECDSA";
    public static final String RSA_ALGORITHM = "RSA";
    private static final String RSA_PKCS1_ALGORITHM = "RSA/ECB/PKCS1Padding";
    private static final String TAG = "BaseSecureKeyWrapper";

    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final String decryptDataUsingCipher(String encryptedData, Cipher decryptionCipher) {
            m.j(encryptedData, "encryptedData");
            m.j(decryptionCipher, "decryptionCipher");
            try {
                StringBuilder sb2 = new StringBuilder();
                sb2.append("decryptData: base64EncryptedDataPrefixedByIv is : ");
                sb2.append(encryptedData);
                byte[] decode = Base64.decode(encryptedData, 0);
                int length = decode.length - 16;
                byte[] bArr = new byte[length];
                System.arraycopy(decode, 0, new byte[16], 0, 16);
                System.arraycopy(decode, 16, bArr, 0, length);
                byte[] doFinal = decryptionCipher.doFinal(bArr);
                m.i(doFinal, "decryptionCipher.doFinal(encryptedByteData)");
                String str = new String(doFinal, c.f19803b);
                StringBuilder sb3 = new StringBuilder();
                sb3.append("decryptData: Returning decrypted data : ");
                sb3.append(str);
                return str;
            } catch (BadPaddingException | IllegalBlockSizeException unused) {
                return null;
            }
        }

        public final String encryptDataUsingCipher(String data, Cipher encryptionCipher) {
            m.j(data, "data");
            m.j(encryptionCipher, "encryptionCipher");
            try {
                byte[] bytes = data.getBytes(c.f19803b);
                m.i(bytes, "this as java.lang.String).getBytes(charset)");
                byte[] doFinal = encryptionCipher.doFinal(bytes);
                byte[] bArr = new byte[doFinal.length + 16];
                System.arraycopy(encryptionCipher.getIV(), 0, bArr, 0, 16);
                System.arraycopy(doFinal, 0, bArr, 16, doFinal.length);
                String encodeToString = Base64.encodeToString(bArr, 0);
                m.i(encodeToString, "{\n                val pl…64.DEFAULT)\n            }");
                return encodeToString;
            } catch (BadPaddingException e10) {
                throw new RuntimeException(e10);
            } catch (IllegalBlockSizeException e11) {
                throw new RuntimeException(e11);
            }
        }

        public final byte[] getDecryptionIv(String base64EncryptedDataPrefixedByIv) {
            m.j(base64EncryptedDataPrefixedByIv, "base64EncryptedDataPrefixedByIv");
            byte[] decode = Base64.decode(base64EncryptedDataPrefixedByIv, 0);
            String arrays = Arrays.toString(decode);
            StringBuilder sb2 = new StringBuilder();
            sb2.append("getDecryptionIv: encryptedDataPrefixByIv is : ");
            sb2.append(arrays);
            byte[] bArr = new byte[16];
            System.arraycopy(decode, 0, bArr, 0, 16);
            return bArr;
        }
    }

    @TargetApi(23)
    private final Signature generateSignature(String str, String str2) throws RuntimeException {
        Signature signature = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
            if (privateKey != null) {
                StringBuilder sb2 = new StringBuilder();
                sb2.append("generateSignature : PrivateKey ");
                sb2.append(privateKey);
            }
            signature = TextUtils.isEmpty(str2) ? Signature.getInstance(PKI_ALGORITHM) : Signature.getInstance(PKI_ALGORITHM, str2);
            if (signature != null) {
                StringBuilder sb3 = new StringBuilder();
                sb3.append("generateSignature : Signature Object ");
                sb3.append(signature);
                if (signature.getProvider() != null) {
                    String name = signature.getProvider().getName();
                    StringBuilder sb4 = new StringBuilder();
                    sb4.append("generateSignature : provider ");
                    sb4.append(name);
                }
                String algorithm = signature.getAlgorithm();
                StringBuilder sb5 = new StringBuilder();
                sb5.append("generateSignature : Signature algorithm ");
                sb5.append(algorithm);
            }
            signature.initSign(privateKey);
            return signature;
        } catch (IOException e10) {
            StringBuilder sb6 = new StringBuilder();
            sb6.append("generateSignature : Exception in generateSignature");
            sb6.append(e10);
            throw new RuntimeException(e10);
        } catch (InvalidKeyException e11) {
            StringBuilder sb7 = new StringBuilder();
            sb7.append("generateSignature : Exception in generateSignature");
            sb7.append(e11);
            throw new RuntimeException(e11);
        } catch (KeyStoreException e12) {
            StringBuilder sb8 = new StringBuilder();
            sb8.append("generateSignature : Exception in generateSignature");
            sb8.append(e12);
            throw new RuntimeException(e12);
        } catch (NoSuchAlgorithmException e13) {
            StringBuilder sb9 = new StringBuilder();
            sb9.append("generateSignature : Exception in generateSignature");
            sb9.append(e13);
            throw new RuntimeException(e13);
        } catch (UnrecoverableEntryException e14) {
            StringBuilder sb10 = new StringBuilder();
            sb10.append("generateSignature : Exception in generateSignature");
            sb10.append(e14);
            throw new RuntimeException(e14);
        } catch (CertificateException e15) {
            StringBuilder sb11 = new StringBuilder();
            sb11.append("generateSignature : Exception in generateSignature");
            sb11.append(e15);
            throw new RuntimeException(e15);
        } catch (Exception e16) {
            if (m.e("android.security.keystore.UserNotAuthenticatedException", e16.getClass().getName())) {
                m.g(signature);
                return signature;
            }
            StringBuilder sb12 = new StringBuilder();
            sb12.append("generateSignature : Exception in generateSignature");
            sb12.append(e16);
            throw new RuntimeException(e16);
        }
    }

    private final PublicKey getPublicKey(String str) {
        try {
            return KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(Base64.decode(str, 9)));
        } catch (Exception e10) {
            e10.printStackTrace();
            String message = e10.getMessage();
            StringBuilder sb2 = new StringBuilder();
            sb2.append("exception in generating public key ");
            sb2.append(message);
            return null;
        }
    }

    private final PublicKey getPublicKeyForEncryption(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            Certificate certificate = keyStore.getCertificate(str);
            if (certificate == null) {
                return null;
            }
            return certificate.getPublicKey();
        } catch (Exception unused) {
            return null;
        }
    }

    private final void setLocale(Locale locale, Context context) {
        Locale.setDefault(locale);
        Resources resources = context.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }

    @TargetApi(18)
    private final byte[] signDataUsingSignatureObject(Signature signature, byte[] bArr) {
        try {
            signature.update(bArr);
            byte[] sign = signature.sign();
            m.i(sign, "{\n            signature.…ignature.sign()\n        }");
            return sign;
        } catch (SignatureException e10) {
            e10.printStackTrace();
            throw new RuntimeException(e10);
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public String base64AndUrlSafeEncodedStringFromBytes(byte[] data) {
        m.j(data, "data");
        byte[] encodedData = Base64.encode(data, 11);
        m.i(encodedData, "encodedData");
        String str = new String(encodedData, c.f19803b);
        StringBuilder sb2 = new StringBuilder();
        sb2.append("Base64+URL Safe String: ");
        sb2.append(str);
        return str;
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public String decryptString(String keyName, String value) {
        m.j(keyName, "keyName");
        m.j(value, "value");
        try {
            Cipher cipher = Cipher.getInstance(RSA_PKCS1_ALGORITHM);
            cipher.init(2, getPrivateKey(keyName));
            byte[] doFinal = cipher.doFinal(Base64.decode(value, 0));
            if (doFinal == null) {
                return null;
            }
            return new String(doFinal, c.f19803b);
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public String decryptStringUsingAES(SecretKey secretKey, String value) {
        m.j(secretKey, "secretKey");
        m.j(value, "value");
        try {
            Cipher cipher = Cipher.getInstance(AES_CBC_PKCS5_ALGORITHM);
            Companion companion = Companion;
            cipher.init(2, secretKey, new IvParameterSpec(companion.getDecryptionIv(value)));
            String decryptDataUsingCipher = companion.decryptDataUsingCipher(value, cipher);
            m.g(decryptDataUsingCipher);
            return decryptDataUsingCipher;
        } catch (Exception e10) {
            String localizedMessage = e10.getLocalizedMessage();
            StringBuilder sb2 = new StringBuilder();
            sb2.append("Exception in creating cipher for decrypting String");
            sb2.append(localizedMessage);
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    @TargetApi(23)
    public void deleteAsymmetricKey(String key) {
        m.j(key, "key");
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            keyStore.deleteEntry(key);
        } catch (IOException e10) {
            String message = e10.getMessage();
            StringBuilder sb2 = new StringBuilder();
            sb2.append("Exception while deleting key");
            sb2.append(message);
        } catch (KeyStoreException e11) {
            String message2 = e11.getMessage();
            StringBuilder sb3 = new StringBuilder();
            sb3.append("Exception while deleting key");
            sb3.append(message2);
        } catch (NoSuchAlgorithmException e12) {
            String message3 = e12.getMessage();
            StringBuilder sb4 = new StringBuilder();
            sb4.append("Exception while deleting key");
            sb4.append(message3);
        } catch (CertificateException e13) {
            String message4 = e13.getMessage();
            StringBuilder sb5 = new StringBuilder();
            sb5.append("Exception while deleting key");
            sb5.append(message4);
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public String encryptString(String keyName, String value) {
        m.j(keyName, "keyName");
        m.j(value, "value");
        try {
            Cipher cipher = Cipher.getInstance(RSA_PKCS1_ALGORITHM);
            cipher.init(1, getPublicKeyForEncryption(keyName));
            byte[] bytes = value.getBytes(c.f19803b);
            m.i(bytes, "this as java.lang.String).getBytes(charset)");
            return Base64.encodeToString(cipher.doFinal(bytes), 0);
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public String encryptStringUsingAES(SecretKey secretKey, String value) {
        m.j(secretKey, "secretKey");
        m.j(value, "value");
        try {
            Cipher cipher = Cipher.getInstance(AES_CBC_PKCS5_ALGORITHM);
            cipher.init(1, secretKey);
            int length = cipher.getIV().length;
            StringBuilder sb2 = new StringBuilder();
            sb2.append("IV size : ");
            sb2.append(length);
            return Companion.encryptDataUsingCipher(value, cipher);
        } catch (RuntimeException | Exception unused) {
            return null;
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public SecretKey generateAESSecretKey() throws RuntimeException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(new SecureRandom());
            SecretKey generateKey = keyGenerator.generateKey();
            m.i(generateKey, "{\n            kg = KeyGe…g.generateKey()\n        }");
            return generateKey;
        } catch (NoSuchAlgorithmException e10) {
            throw new RuntimeException(e10);
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public PublicKey generatePublicKey(String keyName, Context appContext) throws RuntimeException {
        m.j(keyName, "keyName");
        m.j(appContext, "appContext");
        Objects.requireNonNull(keyName);
        PublicKey publicKeyForEncryption = getPublicKeyForEncryption(keyName);
        if (publicKeyForEncryption != null) {
            return publicKeyForEncryption;
        }
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        calendar.add(1, 1);
        Date time2 = calendar.getTime();
        Locale.getDefault();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM, ANDROID_KEYSTORE);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(appContext).setAlias(keyName).setStartDate(time).setEndDate(time2).setSerialNumber(BigInteger.valueOf(1L)).setSubject(new X500Principal("CN=" + keyName)).build());
            PublicKey publicKey = keyPairGenerator.generateKeyPair().getPublic();
            StringBuilder sb2 = new StringBuilder();
            sb2.append("publicKey: ");
            sb2.append(publicKey);
            return publicKey;
        } catch (Exception unused) {
            return null;
        }
    }

    @TargetApi(23)
    public PublicKey generatePublicKey(String keyName, boolean z10, Context appContext) {
        m.j(keyName, "keyName");
        m.j(appContext, "appContext");
        Objects.requireNonNull(keyName);
        Locale.getDefault();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", ANDROID_KEYSTORE);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(keyName, 4).setAlgorithmParameterSpec(new ECGenParameterSpec(EC_CURVE)).setDigests("SHA-256").setUserAuthenticationRequired(z10).build());
            return keyPairGenerator.generateKeyPair().getPublic();
        } catch (InvalidAlgorithmParameterException e10) {
            throw new RuntimeException(e10);
        } catch (NoSuchAlgorithmException e11) {
            throw new RuntimeException(e11);
        } catch (NoSuchProviderException e12) {
            throw new RuntimeException(e12);
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    @TargetApi(23)
    public Signature generateSignature(String privateKeyAlias) throws RuntimeException {
        m.j(privateKeyAlias, "privateKeyAlias");
        try {
            return generateSignature(privateKeyAlias, null);
        } catch (RuntimeException e10) {
            if (e10.getCause() instanceof InvalidKeyException) {
                return generateSignature(privateKeyAlias, ANDROID_KESTORE_BC_WORKARROUND);
            }
            throw e10;
        }
    }

    public final PrivateKey getPrivateKey(String keyName) {
        m.j(keyName, "keyName");
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(keyName, null);
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            }
            return null;
        } catch (IOException e10) {
            throw new RuntimeException(e10);
        } catch (KeyStoreException e11) {
            throw new RuntimeException(e11);
        } catch (NoSuchAlgorithmException e12) {
            throw new RuntimeException(e12);
        } catch (UnrecoverableEntryException e13) {
            throw new RuntimeException(e13);
        } catch (CertificateException e14) {
            throw new RuntimeException(e14);
        }
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public String signDataUsingSignatureObjectAndBase64Encode(Signature signature, String data) {
        m.j(signature, "signature");
        m.j(data, "data");
        byte[] bytes = data.getBytes(c.f19803b);
        m.i(bytes, "this as java.lang.String).getBytes(charset)");
        String base64AndUrlSafeEncodedStringFromBytes = base64AndUrlSafeEncodedStringFromBytes(signDataUsingSignatureObject(signature, bytes));
        StringBuilder sb2 = new StringBuilder();
        sb2.append("encoded Signature String: ");
        sb2.append(base64AndUrlSafeEncodedStringFromBytes);
        return base64AndUrlSafeEncodedStringFromBytes;
    }

    @Override // com.paypal.android.platform.authsdk.authcommon.partnerauth.security.SecureKeyWrapper
    public boolean verifySignatureUsingPublicKey(String publicKey, byte[] data, String signature) {
        m.j(publicKey, "publicKey");
        m.j(data, "data");
        m.j(signature, "signature");
        try {
            Signature signature2 = Signature.getInstance(PKI_ALGORITHM);
            m.i(signature2, "getInstance(PKI_ALGORITHM)");
            Provider provider = signature2.getProvider();
            StringBuilder sb2 = new StringBuilder();
            sb2.append("s.getProvider(): ");
            sb2.append(provider);
            signature2.initVerify(getPublicKey(publicKey));
            signature2.update(data);
            boolean verify = signature2.verify(Base64.decode(signature, 11));
            StringBuilder sb3 = new StringBuilder();
            sb3.append("isVerified: ");
            sb3.append(verify);
            StringBuilder sb4 = new StringBuilder();
            sb4.append("signature verification result: ");
            sb4.append(verify);
            return verify;
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException unused) {
            return false;
        }
    }
}
