package org.xbet.client1.util.keystore;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Locale;
import java.util.Objects;
import javax.security.auth.x500.X500Principal;
import kotlin.jvm.internal.h;
import kotlin.jvm.internal.h0;
import kotlin.jvm.internal.n;
import m70.a;
import org.spongycastle.cert.c;
import org.spongycastle.operator.bc.d;
import org.xbet.client1.presentation.application.ApplicationLoader;
import z70.b;

/* compiled from: KeyStoreCompat.kt */
/* loaded from: classes6.dex */
public final class KeyStoreCompat {
    public static final String ALIAS = "1xBetorg.betwinner.client";
    public static final Companion Companion = new Companion(null);
    private static final String FILE_NAME = "trash";
    private static final String KEYSTORE_NAME = "AndroidKeyStore";
    private final KeyStore keyStore;

    /* compiled from: KeyStoreCompat.kt */
    /* loaded from: classes6.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(h hVar) {
            this();
        }

        public final char[] getPassword() {
            char[] charArray = ApplicationLoader.Z0.a().A().e().l().toCharArray();
            n.e(charArray, "this as java.lang.String).toCharArray()");
            return charArray;
        }
    }

    public KeyStoreCompat() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_NAME);
        n.e(keyStore, "getInstance(KEYSTORE_NAME)");
        this.keyStore = keyStore;
    }

    private final X509Certificate generateCertificate(KeyPair keyPair) throws Exception {
        Locale locale = Locale.ENGLISH;
        Calendar calendar = Calendar.getInstance(locale);
        Calendar calendar2 = Calendar.getInstance(locale);
        calendar2.add(1, 5);
        c cVar = new c(new l70.c("CN=1xBetorg.betwinner.client"), BigInteger.valueOf(System.currentTimeMillis()), calendar.getTime(), calendar2.getTime(), new l70.c("CN=1xBetorg.betwinner.client"), m70.h.o(keyPair.getPublic().getEncoded()));
        a b12 = new z70.c().b("SHA1withRSA");
        X509Certificate a12 = new org.spongycastle.cert.jcajce.c().b("BC").a(cVar.a(new d(b12, new b().a(b12)).b(r70.a.b(keyPair.getPrivate().getEncoded()))));
        n.e(a12, "JcaX509CertificateConver…etCertificate(certHolder)");
        return a12;
    }

    private final void generateForApiMAndGreater() {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_NAME);
        KeyGenParameterSpec.Builder certificateSerialNumber = new KeyGenParameterSpec.Builder(ALIAS, 12).setCertificateSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
        h0 h0Var = h0.f40135a;
        String format = String.format("CN=%s, OU=%s", Arrays.copyOf(new Object[]{ALIAS, ApplicationLoader.Z0.a().getPackageName()}, 2));
        n.e(format, "format(format, *args)");
        keyPairGenerator.initialize(certificateSerialNumber.setCertificateSubject(new X500Principal(format)).setDigests("SHA-256").setSignaturePaddings("PKCS1").setEncryptionPaddings("OAEPPadding").build());
        keyPairGenerator.generateKeyPair();
    }

    private final void generateForOlderApi() {
        ApplicationLoader a12 = ApplicationLoader.Z0.a();
        Locale locale = Locale.ENGLISH;
        Calendar calendar = Calendar.getInstance(locale);
        Calendar calendar2 = Calendar.getInstance(locale);
        calendar2.add(1, 10);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_NAME);
        KeyPairGeneratorSpec.Builder alias = new KeyPairGeneratorSpec.Builder(a12).setAlias(ALIAS);
        h0 h0Var = h0.f40135a;
        String format = String.format("CN=%s, OU=%s", Arrays.copyOf(new Object[]{ALIAS, a12.getPackageName()}, 2));
        n.e(format, "format(format, *args)");
        keyPairGenerator.initialize(alias.setSubject(new X500Principal(format)).setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
        keyPairGenerator.generateKeyPair();
    }

    private final void store(char[] cArr) throws Exception {
        FileOutputStream openFileOutput = ApplicationLoader.Z0.a().openFileOutput(FILE_NAME, 0);
        this.keyStore.store(openFileOutput, cArr);
        openFileOutput.close();
    }

    public final boolean containsAlias(String alias) throws KeyStoreException {
        n.f(alias, "alias");
        return this.keyStore.containsAlias(alias);
    }

    public final void createKeys() throws Exception {
        if (Build.VERSION.SDK_INT >= 23) {
            generateForApiMAndGreater();
        } else {
            generateForOlderApi();
        }
    }

    public final void createKeysCompat(String algorithm) throws Exception {
        n.f(algorithm, "algorithm");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(algorithm, "BC");
        keyPairGenerator.initialize(2048);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        n.e(keyPair, "keyPair");
        X509Certificate generateCertificate = generateCertificate(keyPair);
        char[] password = Companion.getPassword();
        this.keyStore.setCertificateEntry(ALIAS, generateCertificate);
        this.keyStore.setKeyEntry(ALIAS, keyPair.getPrivate(), password, new Certificate[]{generateCertificate});
        store(password);
    }

    public final void deleteEntry(String alias) throws KeyStoreException {
        n.f(alias, "alias");
        this.keyStore.deleteEntry(alias);
    }

    public final KeyStore.Entry getEntry(String alias) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException {
        n.f(alias, "alias");
        KeyStore.Entry entry = this.keyStore.getEntry(alias, null);
        n.e(entry, "keyStore.getEntry(alias, null)");
        return entry;
    }

    public final KeyStore.Entry getEntry(String alias, char[] password) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        n.f(alias, "alias");
        n.f(password, "password");
        KeyStore.Entry entry = this.keyStore.getEntry(alias, new KeyStore.PasswordProtection(password));
        n.e(entry, "keyStore.getEntry(alias,…wordProtection(password))");
        return entry;
    }

    public final String getPublicKey() {
        KeyStore.Entry entry = this.keyStore.getEntry(ALIAS, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        PublicKey publicKey = ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey();
        Objects.requireNonNull(publicKey, "null cannot be cast to non-null type java.security.PublicKey");
        String encodeToString = Base64.encodeToString(publicKey.getEncoded(), 2);
        n.e(encodeToString, "encodeToString(publicKey.encoded, Base64.NO_WRAP)");
        return encodeToString;
    }

    public final void load() throws Exception {
        this.keyStore.load(null);
    }

    public final String signData(String data) {
        n.f(data, "data");
        try {
            Key key = this.keyStore.getKey(ALIAS, null);
            if (key == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
            }
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign((PrivateKey) key);
            byte[] bytes = data.getBytes(kotlin.text.d.f40174b);
            n.e(bytes, "this as java.lang.String).getBytes(charset)");
            signature.update(bytes);
            byte[] sign = signature.sign();
            String encodeToString = sign != null ? Base64.encodeToString(sign, 2) : "";
            n.e(encodeToString, "{\n            val privat…\"\n            }\n        }");
            return encodeToString;
        } catch (Exception unused) {
            return "";
        }
    }

    public final boolean verifyData(String data, String signedData) {
        n.f(data, "data");
        n.f(signedData, "signedData");
        Certificate certificate = this.keyStore.getCertificate(ALIAS);
        byte[] decode = Base64.decode(signedData, 0);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(certificate);
        byte[] bytes = data.getBytes(kotlin.text.d.f40174b);
        n.e(bytes, "this as java.lang.String).getBytes(charset)");
        signature.update(bytes);
        return signature.verify(decode);
    }
}
