package com.termux.api.apis;

import android.content.Intent;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import android.util.JsonWriter;
import com.termux.api.TermuxApiReceiver;
import com.termux.api.util.ResultReturner;
import com.termux.shared.logger.Logger;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Enumeration;

/* loaded from: classes2.dex */
public class KeystoreAPI {
    private static final String LOG_TAG = "KeystoreAPI";
    private static final String PROVIDER = "AndroidKeyStore";

    static /* synthetic */ KeyStore access$000() throws GeneralSecurityException, IOException {
        return getKeyStore();
    }

    private static void deleteKey(TermuxApiReceiver termuxApiReceiver, final Intent intent) {
        ResultReturner.returnData(termuxApiReceiver, intent, new ResultReturner.ResultWriter() { // from class: com.termux.api.apis.-$$Lambda$KeystoreAPI$haMooFcGDXjR0_7OGOtlUi3StD0
            @Override // com.termux.api.util.ResultReturner.ResultWriter
            public final void writeResult(PrintWriter printWriter) {
                KeystoreAPI.getKeyStore().deleteEntry(intent.getStringExtra("alias"));
            }
        });
    }

    private static void generateKey(TermuxApiReceiver termuxApiReceiver, final Intent intent) {
        ResultReturner.returnData(termuxApiReceiver, intent, new ResultReturner.ResultWriter() { // from class: com.termux.api.apis.-$$Lambda$KeystoreAPI$r9Vq8v12HxXxDBP70LWahDVp3-k
            @Override // com.termux.api.util.ResultReturner.ResultWriter
            public final void writeResult(PrintWriter printWriter) {
                KeystoreAPI.lambda$generateKey$1(intent, printWriter);
            }
        });
    }

    private static KeyStore getKeyStore() throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(PROVIDER);
        keyStore.load(null);
        return keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$generateKey$1(Intent intent, PrintWriter printWriter) throws Exception {
        String stringExtra = intent.getStringExtra("alias");
        String stringExtra2 = intent.getStringExtra("algorithm");
        int intExtra = intent.getIntExtra("purposes", 0);
        String[] stringArrayExtra = intent.getStringArrayExtra("digests");
        int intExtra2 = intent.getIntExtra("size", 2048);
        String stringExtra3 = intent.getStringExtra("curve");
        int intExtra3 = intent.getIntExtra("validity", 0);
        KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(stringExtra, intExtra);
        builder.setDigests(stringArrayExtra);
        if (stringExtra2.equals("RSA")) {
            builder.setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(intExtra2, RSAKeyGenParameterSpec.F4));
            builder.setSignaturePaddings("PKCS1");
        }
        if (stringExtra2.equals("EC")) {
            builder.setAlgorithmParameterSpec(new ECGenParameterSpec(stringExtra3));
        }
        if (intExtra3 > 0) {
            builder.setUserAuthenticationRequired(true);
            builder.setUserAuthenticationValidityDurationSeconds(intExtra3);
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(stringExtra2, PROVIDER);
        keyPairGenerator.initialize(builder.build());
        keyPairGenerator.generateKeyPair();
    }

    private static void listKeys(TermuxApiReceiver termuxApiReceiver, final Intent intent) {
        ResultReturner.returnData(termuxApiReceiver, intent, new ResultReturner.ResultJsonWriter() { // from class: com.termux.api.apis.KeystoreAPI.1
            @Override // com.termux.api.util.ResultReturner.ResultJsonWriter
            public void writeJson(JsonWriter jsonWriter) throws GeneralSecurityException, IOException {
                KeyStore access$000 = KeystoreAPI.access$000();
                Enumeration<String> aliases = access$000.aliases();
                boolean booleanExtra = intent.getBooleanExtra("detailed", false);
                jsonWriter.beginArray();
                while (aliases.hasMoreElements()) {
                    jsonWriter.beginObject();
                    String nextElement = aliases.nextElement();
                    jsonWriter.name("alias").value(nextElement);
                    KeyStore.Entry entry = access$000.getEntry(nextElement, null);
                    if (entry instanceof KeyStore.PrivateKeyEntry) {
                        KeystoreAPI.printPrivateKey(jsonWriter, (KeyStore.PrivateKeyEntry) entry, booleanExtra);
                    }
                    jsonWriter.endObject();
                }
                jsonWriter.endArray();
            }
        });
    }

    public static void onReceive(TermuxApiReceiver termuxApiReceiver, Intent intent) {
        Logger.logDebug(LOG_TAG, "onReceive");
        String stringExtra = intent.getStringExtra("command");
        stringExtra.hashCode();
        char c = 65535;
        switch (stringExtra.hashCode()) {
            case -1335458389:
                if (stringExtra.equals("delete")) {
                    c = 0;
                    break;
                }
                break;
            case -819951495:
                if (stringExtra.equals("verify")) {
                    c = 1;
                    break;
                }
                break;
            case 3322014:
                if (stringExtra.equals("list")) {
                    c = 2;
                    break;
                }
                break;
            case 3530173:
                if (stringExtra.equals("sign")) {
                    c = 3;
                    break;
                }
                break;
            case 1810371957:
                if (stringExtra.equals("generate")) {
                    c = 4;
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
                deleteKey(termuxApiReceiver, intent);
                return;
            case 1:
                verifyData(termuxApiReceiver, intent);
                return;
            case 2:
                listKeys(termuxApiReceiver, intent);
                return;
            case 3:
                signData(termuxApiReceiver, intent);
                return;
            case 4:
                generateKey(termuxApiReceiver, intent);
                return;
            default:
                return;
        }
    }

    private static void printErrorMessage(TermuxApiReceiver termuxApiReceiver, Intent intent) {
        ResultReturner.returnData(termuxApiReceiver, intent, new ResultReturner.ResultWriter() { // from class: com.termux.api.apis.-$$Lambda$KeystoreAPI$bYju883oEW_h_ULcNoIqdk9UiX0
            @Override // com.termux.api.util.ResultReturner.ResultWriter
            public final void writeResult(PrintWriter printWriter) {
                printWriter.println("termux-keystore requires at least Android 6.0 (Marshmallow).");
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void printPrivateKey(JsonWriter jsonWriter, KeyStore.PrivateKeyEntry privateKeyEntry, boolean z) throws GeneralSecurityException, IOException {
        PrivateKey privateKey = privateKeyEntry.getPrivateKey();
        String algorithm = privateKey.getAlgorithm();
        KeyInfo keyInfo = (KeyInfo) KeyFactory.getInstance(algorithm).getKeySpec(privateKey, KeyInfo.class);
        PublicKey publicKey = privateKeyEntry.getCertificate().getPublicKey();
        jsonWriter.name("algorithm").value(algorithm);
        jsonWriter.name("size").value(keyInfo.getKeySize());
        if (z && (publicKey instanceof RSAPublicKey)) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            jsonWriter.name("modulus").value(rSAPublicKey.getModulus().toString(16));
            jsonWriter.name("exponent").value(rSAPublicKey.getPublicExponent().toString(16));
        }
        if (z && (publicKey instanceof ECPublicKey)) {
            ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
            jsonWriter.name("x").value(eCPublicKey.getW().getAffineX().toString(16));
            jsonWriter.name("y").value(eCPublicKey.getW().getAffineY().toString(16));
        }
        jsonWriter.name("inside_secure_hardware").value(keyInfo.isInsideSecureHardware());
        jsonWriter.name("user_authentication");
        jsonWriter.beginObject();
        jsonWriter.name("required").value(keyInfo.isUserAuthenticationRequired());
        jsonWriter.name("enforced_by_secure_hardware");
        jsonWriter.value(keyInfo.isUserAuthenticationRequirementEnforcedBySecureHardware());
        int userAuthenticationValidityDurationSeconds = keyInfo.getUserAuthenticationValidityDurationSeconds();
        if (userAuthenticationValidityDurationSeconds >= 0) {
            jsonWriter.name("validity_duration_seconds").value(userAuthenticationValidityDurationSeconds);
        }
        jsonWriter.endObject();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static byte[] readStream(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[1024];
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    private static void signData(TermuxApiReceiver termuxApiReceiver, final Intent intent) {
        ResultReturner.returnData(termuxApiReceiver, intent, new ResultReturner.WithInput() { // from class: com.termux.api.apis.KeystoreAPI.2
            @Override // com.termux.api.util.ResultReturner.ResultWriter
            public void writeResult(PrintWriter printWriter) throws Exception {
                String stringExtra = intent.getStringExtra("alias");
                String stringExtra2 = intent.getStringExtra("algorithm");
                byte[] readStream = KeystoreAPI.readStream(this.in);
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) KeystoreAPI.access$000().getEntry(stringExtra, null);
                Signature signature = Signature.getInstance(stringExtra2);
                signature.initSign(privateKeyEntry.getPrivateKey());
                signature.update(readStream);
                printWriter.write(Base64.encodeToString(signature.sign(), 2));
            }
        });
    }

    private static void verifyData(TermuxApiReceiver termuxApiReceiver, final Intent intent) {
        ResultReturner.returnData(termuxApiReceiver, intent, new ResultReturner.WithInput() { // from class: com.termux.api.apis.KeystoreAPI.3
            @Override // com.termux.api.util.ResultReturner.ResultWriter
            public void writeResult(PrintWriter printWriter) throws GeneralSecurityException, IOException {
                String stringExtra = intent.getStringExtra("alias");
                String stringExtra2 = intent.getStringExtra("algorithm");
                byte[] readStream = KeystoreAPI.readStream(this.in);
                File file = new File(intent.getStringExtra("signature"));
                byte[] bArr = new byte[(int) file.length()];
                if (file.length() != new FileInputStream(file).read(bArr)) {
                    printWriter.println(false);
                }
                Signature signature = Signature.getInstance(stringExtra2);
                signature.initVerify(KeystoreAPI.access$000().getCertificate(stringExtra).getPublicKey());
                signature.update(readStream);
                printWriter.println(signature.verify(bArr));
            }
        });
    }
}
