package com.smartrent.resident.utils;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.smartrent.crypto.ConstantsKt;
import com.smartrent.resident.ResidentApplicationKt;
import com.squareup.otto.Bus;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.annotation.AnnotationRetention;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Ref;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* compiled from: KeyStoreUtil.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000H\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u000e\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0010\u000b\n\u0002\b\u0005\bÆ\u0002\u0018\u00002\u00020\u0001:\u0001/B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0016\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u0019\u001a\u00020\u001a2\u0006\u0010\u001b\u001a\u00020\u0004J\u0010\u0010\u001c\u001a\u00020\u001d2\u0006\u0010\u001b\u001a\u00020\u0004H\u0002J\u001a\u0010\u001e\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u001b\u001a\u00020\u00042\b\u0010\u001f\u001a\u0004\u0018\u00010\u0004J\u000e\u0010 \u001a\u00020\u00182\u0006\u0010\u001b\u001a\u00020\u0004J\u001a\u0010!\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u001b\u001a\u00020\u00042\b\u0010\"\u001a\u0004\u0018\u00010\u0004J\u0010\u0010#\u001a\u00020$2\u0006\u0010\u001b\u001a\u00020\u0004H\u0003J\u0010\u0010%\u001a\u0004\u0018\u00010$2\u0006\u0010\u001b\u001a\u00020\u0004J\u001c\u0010&\u001a\u0004\u0018\u00010\u00042\u0006\u0010'\u001a\u00020\u00042\b\u0010(\u001a\u0004\u0018\u00010\u0004H\u0002J\u001a\u0010)\u001a\u00020\u001d2\u0006\u0010\u001b\u001a\u00020\u00042\b\b\u0002\u0010*\u001a\u00020+H\u0002J\u0010\u0010,\u001a\u00020\u00182\u0006\u0010'\u001a\u00020\u0004H\u0002J\u001a\u0010-\u001a\u00020\u00182\u0006\u0010'\u001a\u00020\u00042\b\u0010.\u001a\u0004\u0018\u00010\u0004H\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u000b\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\f\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\r\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u000e\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u000f\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0010\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0011\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u0016\u0010\u0012\u001a\n \u0014*\u0004\u0018\u00010\u00130\u0013X\u0082\u0004¢\u0006\u0002\n\u0000R\u0016\u0010\u0015\u001a\n \u0014*\u0004\u0018\u00010\u00160\u0016X\u0082\u0004¢\u0006\u0002\n\u0000¨\u00060"}, d2 = {"Lcom/smartrent/resident/utils/KeyStoreUtil;", "", "()V", "AES_MODE", "", "ALGORITHM_AES", "ALGORITHM_RSA", "BIOMETRIC", "CERTIFICATE_SUBJECT", "CHARSET_UNICODE", SettingsUtil.CREDENTIALS, "IV_DELIMITER", "KEYSTORE_PROVIDER", "KEY_SHARED_PREFS", "PUSH_NOTIFICATION", "RSA_MODE", "TOKEN", "USER", "keyPreferenceEditor", "Landroid/content/SharedPreferences$Editor;", "kotlin.jvm.PlatformType", "keySharedPreferences", "Landroid/content/SharedPreferences;", "addAlias", "", "context", "Landroid/content/Context;", "alias", "createDefaultSymmetricKey", "Ljavax/crypto/SecretKey;", "decryptAsymmetric", "cipherText", "deleteAlias", "encryptAsymmetric", "inputText", "generateBiometricKeyPair", "Ljava/security/KeyPair;", "getKeyPair", "getKeyPref", "key", Bus.DEFAULT_IDENTIFIER, "getSymmetricKey", "reset", "", "removeKeyPref", "setKeyPref", "value", "KeyStoreAlias", "app-2328_prodSmartrentRelease"}, k = 1, mv = {1, 4, 2})
/* loaded from: classes3.dex */
public final class KeyStoreUtil {
    private static final String AES_MODE = "AES/CBC/PKCS5Padding";
    private static final String ALGORITHM_AES = "AES";
    private static final String ALGORITHM_RSA = "RSA";
    public static final String BIOMETRIC = "com.smartrent.resident.BIOMETRIC";
    public static final String CERTIFICATE_SUBJECT = "CN=Resident App, O=SmartRent";
    private static final String CHARSET_UNICODE = "UTF-8";
    public static final String CREDENTIALS = "com.smartrent.resident.CREDENTIALS";
    public static final KeyStoreUtil INSTANCE = new KeyStoreUtil();
    private static final String IV_DELIMITER = "]";
    private static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    public static final String KEY_SHARED_PREFS = "com.smartrent.resident.KEY_SHARED_PREFS";
    public static final String PUSH_NOTIFICATION = "com.smartrent.resident.PUSH_NOTIFICATION";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    public static final String TOKEN = "com.smartrent.resident.TOKEN";
    public static final String USER = "com.smartrent.resident.USER";
    private static final SharedPreferences.Editor keyPreferenceEditor;
    private static final SharedPreferences keySharedPreferences;

    /* compiled from: KeyStoreUtil.kt */
    @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\n\n\u0002\u0018\u0002\n\u0002\u0010\u001b\n\u0000\b\u0081\u0002\u0018\u00002\u00020\u0001B\u0000¨\u0006\u0002"}, d2 = {"Lcom/smartrent/resident/utils/KeyStoreUtil$KeyStoreAlias;", "", "app-2328_prodSmartrentRelease"}, k = 1, mv = {1, 4, 2})
    @Retention(RetentionPolicy.SOURCE)
    @kotlin.annotation.Retention(AnnotationRetention.SOURCE)
    /* loaded from: classes3.dex */
    public @interface KeyStoreAlias {
    }

    static {
        SharedPreferences sharedPreferences = ResidentApplicationKt.getAppContext().getSharedPreferences(KEY_SHARED_PREFS, 0);
        keySharedPreferences = sharedPreferences;
        keyPreferenceEditor = sharedPreferences.edit();
    }

    private KeyStoreUtil() {
    }

    private final SecretKey createDefaultSymmetricKey(String alias) {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        addAlias(ResidentApplicationKt.getAppContext(), alias);
        setKeyPref(alias, encryptAsymmetric(alias, Base64.encodeToString(bArr, 0)));
        return new SecretKeySpec(bArr, 0, 16, "AES");
    }

    private final KeyPair generateBiometricKeyPair(String alias) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ConstantsKt.EC, "AndroidKeyStore");
        KeyGenParameterSpec.Builder userAuthenticationRequired = new KeyGenParameterSpec.Builder(alias, 4).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256", McElieceCCA2KeyGenParameterSpec.SHA384, "SHA-512").setUserAuthenticationRequired(true);
        Intrinsics.checkNotNullExpressionValue(userAuthenticationRequired, "KeyGenParameterSpec.Buil…henticationRequired(true)");
        keyPairGenerator.initialize(userAuthenticationRequired.build());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Intrinsics.checkNotNullExpressionValue(generateKeyPair, "keyPairGenerator.generateKeyPair()");
        return generateKeyPair;
    }

    private final String getKeyPref(String key, String r3) {
        return keySharedPreferences.getString(key, r3);
    }

    private final SecretKey getSymmetricKey(String alias, boolean reset) {
        SecretKeySpec secretKeySpec = null;
        String keyPref = reset ? null : getKeyPref(alias, null);
        if (keyPref != null) {
            String decryptAsymmetric = INSTANCE.decryptAsymmetric(alias, keyPref);
            if (decryptAsymmetric != null) {
                byte[] decode = Base64.decode(decryptAsymmetric, 0);
                secretKeySpec = new SecretKeySpec(decode, 0, decode.length, "AES");
            }
            if (secretKeySpec != null) {
                return secretKeySpec;
            }
        }
        return createDefaultSymmetricKey(alias);
    }

    static /* synthetic */ SecretKey getSymmetricKey$default(KeyStoreUtil keyStoreUtil, String str, boolean z, int i, Object obj) {
        if ((i & 2) != 0) {
            z = false;
        }
        return keyStoreUtil.getSymmetricKey(str, z);
    }

    private final void removeKeyPref(String key) {
        if (keySharedPreferences.contains(key)) {
            keyPreferenceEditor.remove(key).apply();
        }
    }

    private final void setKeyPref(String key, String value) {
        keyPreferenceEditor.putString(key, value).apply();
    }

    public final void addAlias(Context context, String alias) {
        KeyPairGeneratorSpec keyPairGeneratorSpec;
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias(alias)) {
                return;
            }
            Calendar start = Calendar.getInstance();
            Calendar end = Calendar.getInstance();
            end.add(1, 1);
            if (Build.VERSION.SDK_INT >= 23) {
                KeyGenParameterSpec.Builder certificateSerialNumber = new KeyGenParameterSpec.Builder(alias, 3).setCertificateSubject(new X500Principal(CERTIFICATE_SUBJECT)).setCertificateSerialNumber(BigInteger.ONE);
                Intrinsics.checkNotNullExpressionValue(start, "start");
                KeyGenParameterSpec.Builder keyValidityStart = certificateSerialNumber.setKeyValidityStart(start.getTime());
                Intrinsics.checkNotNullExpressionValue(end, "end");
                KeyGenParameterSpec build = keyValidityStart.setKeyValidityEnd(end.getTime()).setEncryptionPaddings(ConstantsKt.PKCS1).build();
                Intrinsics.checkNotNullExpressionValue(build, "KeyGenParameterSpec.Buil…                 .build()");
                keyPairGeneratorSpec = build;
            } else {
                KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias(alias).setSubject(new X500Principal(CERTIFICATE_SUBJECT)).setSerialNumber(BigInteger.ONE);
                Intrinsics.checkNotNullExpressionValue(start, "start");
                KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(start.getTime());
                Intrinsics.checkNotNullExpressionValue(end, "end");
                KeyPairGeneratorSpec build2 = startDate.setEndDate(end.getTime()).build();
                Intrinsics.checkNotNullExpressionValue(build2, "KeyPairGeneratorSpec.Bui…                 .build()");
                keyPairGeneratorSpec = build2;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(keyPairGeneratorSpec);
            keyPairGenerator.generateKeyPair();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | ProviderException | CertificateException unused) {
        }
    }

    public final String decryptAsymmetric(String alias, String cipherText) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Key key = keyStore.getKey(alias, null);
            Cipher cipher = Cipher.getInstance(RSA_MODE);
            cipher.init(2, key);
            final CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(cipherText, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            final Ref.IntRef intRef = new Ref.IntRef();
            intRef.element = -1;
            while (new Function0<Integer>() { // from class: com.smartrent.resident.utils.KeyStoreUtil$decryptAsymmetric$1
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                /* renamed from: invoke, reason: avoid collision after fix types in other method */
                public final int invoke2() {
                    Ref.IntRef.this.element = cipherInputStream.read();
                    return Ref.IntRef.this.element;
                }

                @Override // kotlin.jvm.functions.Function0
                public /* bridge */ /* synthetic */ Integer invoke() {
                    return Integer.valueOf(invoke2());
                }
            }.invoke().intValue() != -1) {
                arrayList.add(Byte.valueOf((byte) intRef.element));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i = 0; i < size; i++) {
                Object obj = arrayList.get(i);
                Intrinsics.checkNotNullExpressionValue(obj, "values[i]");
                bArr[i] = ((Number) obj).byteValue();
            }
            Charset forName = Charset.forName("UTF-8");
            Intrinsics.checkNotNullExpressionValue(forName, "Charset.forName(CHARSET_UNICODE)");
            return new String(bArr, 0, size, forName);
        } catch (IOException | NullPointerException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | NoSuchPaddingException unused) {
            return null;
        }
    }

    public final void deleteAlias(String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            Intrinsics.checkNotNullExpressionValue(keyStore, "KeyStore.getInstance(KEYSTORE_PROVIDER)");
            keyStore.load(null);
            keyStore.deleteEntry(alias);
            removeKeyPref(alias);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException unused) {
        }
    }

    public final String encryptAsymmetric(String alias, String inputText) {
        Certificate certificate;
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(alias)) {
                addAlias(ResidentApplicationKt.getAppContext(), alias);
            }
            PublicKey publicKey = (keyStore.getKey(alias, null) == null || (certificate = keyStore.getCertificate(alias)) == null) ? null : certificate.getPublicKey();
            if (TextUtils.isEmpty(inputText)) {
                return null;
            }
            Cipher cipher = Cipher.getInstance(RSA_MODE);
            cipher.init(1, publicKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            if (inputText != null) {
                Charset forName = Charset.forName("UTF-8");
                Intrinsics.checkNotNullExpressionValue(forName, "Charset.forName(charsetName)");
                if (inputText == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
                }
                byte[] bytes = inputText.getBytes(forName);
                Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
                cipherOutputStream.write(bytes);
            }
            cipherOutputStream.close();
            return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
        } catch (IOException | NullPointerException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | NoSuchPaddingException unused) {
            return null;
        }
    }

    public final KeyPair getKeyPair(String alias) throws Exception {
        Intrinsics.checkNotNullParameter(alias, "alias");
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (!keyStore.containsAlias(alias)) {
            if (!Intrinsics.areEqual(alias, BIOMETRIC) || Build.VERSION.SDK_INT < 23) {
                addAlias(ResidentApplicationKt.getAppContext(), alias);
            } else {
                generateBiometricKeyPair(alias);
            }
        }
        Certificate certificate = keyStore.getCertificate(alias);
        Intrinsics.checkNotNullExpressionValue(certificate, "keyStore.getCertificate(alias)");
        PublicKey publicKey = certificate.getPublicKey();
        Key key = keyStore.getKey(alias, null);
        Objects.requireNonNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
        return new KeyPair(publicKey, (PrivateKey) key);
    }
}
