package com.yf.mkeysca.keyStore;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import android.util.Log;
import com.yf.mkeysca.cryptUtil.StringUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class KeyStoneUtils {
    public static final String SAMPLE_ALIAS = "YFKey";
    private static String mAlias;

    public static void createKeys(Context context) throws InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchAlgorithmException {
        AlgorithmParameterSpec build;
        setAlias("YFKey");
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 10);
        if (Build.VERSION.SDK_INT < 23) {
            build = new KeyPairGeneratorSpec.Builder(context).setAlias(mAlias).setSubject(new X500Principal("CN=" + mAlias)).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
        } else {
            build = new KeyGenParameterSpec.Builder(mAlias, 2).setCertificateSubject(new X500Principal("CN=" + mAlias)).setDigests("SHA-256").setEncryptionPaddings("PKCS1Padding").setBlockModes("GCM", "CTR", "CBC", "ECB").setCertificateSerialNumber(BigInteger.valueOf(1337L)).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).build();
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyPairGenerator.initialize(build);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Log.d("wuxueshuan", "是否存在于硬件中：" + isInsideSecurityHardware(mAlias));
        Log.d("wuxueshuan", "公共密钥:" + StringUtil.byteArrayToHexString(generateKeyPair.getPublic().getEncoded()));
        Log.d("wuxueshuan", "私钥:" + StringUtil.byteArrayToHexString(generateKeyPair.getPrivate().getEncoded()));
    }

    public static String decryptString(String str, String str2) {
        if ("".equals(str2) || "".equals(str)) {
            return "";
        }
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) getAndroidKeyStore().getEntry(str2, null);
            Cipher cipher = Build.VERSION.SDK_INT >= 28 ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKeyEntry.getPrivateKey());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i = 0; i < size; i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            return new String(bArr, 0, size, "UTF-8");
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public static void deleteAlias() {
        try {
            KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            if (mAlias == null) {
                setAlias("YFKey");
            }
            keyStore.deleteEntry(mAlias);
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
    }

    public static String encryptString(String str, String str2) {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        if ("".equals(str2) || "".equals(str)) {
            return "";
        }
        byte[] bArr = null;
        try {
            privateKeyEntry = (KeyStore.PrivateKeyEntry) getAndroidKeyStore().getEntry(str2, null);
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (str.isEmpty()) {
            return "";
        }
        Cipher cipher = Build.VERSION.SDK_INT >= 28 ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(str.getBytes("UTF-8"));
        cipherOutputStream.close();
        bArr = byteArrayOutputStream.toByteArray();
        return Base64.encodeToString(bArr, 0);
    }

    /* JADX WARN: Can't wrap try/catch for region: R(9:1|(2:2|3)|(2:5|6)|7|8|(3:11|(2:13|14)(1:16)|9)|17|18|(1:(0))) */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x0041, code lost:
    
        r4 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x0042, code lost:
    
        r4.printStackTrace();
     */
    /* JADX WARN: Removed duplicated region for block: B:11:0x0034 A[Catch: KeyStoreException -> 0x0041, TRY_LEAVE, TryCatch #1 {KeyStoreException -> 0x0041, blocks: (B:8:0x002a, B:9:0x002e, B:11:0x0034), top: B:7:0x002a }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.String getAliasKid(java.lang.String r4) {
        /*
            r0 = 0
            java.lang.String r1 = "AndroidKeyStore"
            java.security.KeyStore r1 = java.security.KeyStore.getInstance(r1)     // Catch: java.security.KeyStoreException -> L13 java.security.cert.CertificateException -> L19 java.security.NoSuchAlgorithmException -> L1f java.io.IOException -> L25
            r1.load(r0)     // Catch: java.security.KeyStoreException -> Lb java.security.cert.CertificateException -> Ld java.security.NoSuchAlgorithmException -> Lf java.io.IOException -> L11
            goto L2a
        Lb:
            r2 = move-exception
            goto L15
        Ld:
            r2 = move-exception
            goto L1b
        Lf:
            r2 = move-exception
            goto L21
        L11:
            r2 = move-exception
            goto L27
        L13:
            r2 = move-exception
            r1 = r0
        L15:
            r2.printStackTrace()
            goto L2a
        L19:
            r2 = move-exception
            r1 = r0
        L1b:
            r2.printStackTrace()
            goto L2a
        L1f:
            r2 = move-exception
            r1 = r0
        L21:
            r2.printStackTrace()
            goto L2a
        L25:
            r2 = move-exception
            r1 = r0
        L27:
            r2.printStackTrace()
        L2a:
            java.util.Enumeration r1 = r1.aliases()     // Catch: java.security.KeyStoreException -> L41
        L2e:
            boolean r2 = r1.hasMoreElements()     // Catch: java.security.KeyStoreException -> L41
            if (r2 == 0) goto L45
            java.lang.Object r2 = r1.nextElement()     // Catch: java.security.KeyStoreException -> L41
            java.lang.String r2 = (java.lang.String) r2     // Catch: java.security.KeyStoreException -> L41
            int r3 = r2.indexOf(r4)     // Catch: java.security.KeyStoreException -> L41
            if (r3 != 0) goto L2e
            return r2
        L41:
            r4 = move-exception
            r4.printStackTrace()
        L45:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.yf.mkeysca.keyStore.KeyStoneUtils.getAliasKid(java.lang.String):java.lang.String");
    }

    private static KeyStore getAndroidKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            return keyStore;
        } catch (IOException | GeneralSecurityException e) {
            throw new RuntimeException(e);
        }
    }

    public static boolean isHaveKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            if (mAlias == null) {
                setAlias("YFKey");
            }
            return keyStore.getEntry(mAlias, null) != null;
        } catch (IOException e) {
            e.printStackTrace();
            return false;
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
            return false;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return false;
        } catch (UnrecoverableEntryException e4) {
            e4.printStackTrace();
            return false;
        } catch (CertificateException e5) {
            e5.printStackTrace();
            return false;
        }
    }

    private static boolean isInsideSecurityHardware(String str) {
        PrivateKey privateKey;
        try {
            KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            privateKey = (PrivateKey) keyStore.getKey(str, null);
        } catch (Exception unused) {
        }
        return ((KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE).getKeySpec(privateKey, KeyInfo.class)).isInsideSecureHardware();
    }

    public static void setAlias(String str) {
        mAlias = str;
    }

    public static String signData(String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, InvalidKeyException, SignatureException {
        byte[] bytes = str.getBytes();
        KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyStore.load(null);
        if (mAlias == null) {
            setAlias("YFKey");
        }
        KeyStore.Entry entry = keyStore.getEntry(mAlias, null);
        if (entry == null) {
            Log.w("huangxiaoguo", "No key found under alias: " + mAlias);
            Log.w("huangxiaoguo", "Exiting signData()...");
            return null;
        }
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            Log.w("huangxiaoguo", "Not an instance of a PrivateKeyEntry");
            Log.w("huangxiaoguo", "Exiting signData()...");
            return null;
        }
        Signature signature = Signature.getInstance(SecurityConstants.SIGNATURE_SHA256withRSA);
        signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        signature.update(bytes);
        return Base64.encodeToString(signature.sign(), 0);
    }

    public static boolean verifyData(String str, String str2) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, InvalidKeyException, SignatureException {
        byte[] bytes = str.getBytes();
        if (str2 == null) {
            Log.w("huangxiaoguo", "Invalid signature.");
            Log.w("huangxiaoguo", "Exiting verifyData()...");
            return false;
        }
        try {
            byte[] decode = Base64.decode(str2, 0);
            KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            if (mAlias == null) {
                setAlias("YFKey");
            }
            KeyStore.Entry entry = keyStore.getEntry(mAlias, null);
            if (entry == null) {
                Log.w("huangxiaoguo", "No key found under alias: " + mAlias);
                Log.w("huangxiaoguo", "Exiting verifyData()...");
                return false;
            }
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Log.w("huangxiaoguo", "Not an instance of a PrivateKeyEntry");
                return false;
            }
            Signature signature = Signature.getInstance(SecurityConstants.SIGNATURE_SHA256withRSA);
            signature.initVerify(((KeyStore.PrivateKeyEntry) entry).getCertificate());
            signature.update(bytes);
            return signature.verify(decode);
        } catch (IllegalArgumentException unused) {
            return false;
        }
    }
}
