package com.magloft.magazine.utils.helper;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import com.magloft.magazine.utils.settings.AppConfiguration;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class KeystoreWrapper {
    private static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String SIGNATURE_SHA256withRSA = "SHA256withRSA";
    private static final String SIGNATURE_SHA512withRSA = "SHA512withRSA";
    private static final String TAG = "KeystoreWrapper";
    private static final String TYPE_BKS = "BKS";
    private static final String TYPE_DSA = "DSA";
    private static final String TYPE_RSA = "RSA";
    private static final KeystoreWrapper ourInstance = new KeystoreWrapper();
    private String uniqueId;
    private String mSignatureStr = null;
    private String mAlias = null;

    private KeystoreWrapper() {
        setAlias(AppConfiguration.appID() + ".ANDROID_ID");
    }

    private void createKeys(Context context) {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 1);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(TYPE_RSA, KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyPairGenerator.initialize(Build.VERSION.SDK_INT < 23 ? new KeyPairGeneratorSpec.Builder(context).setAlias(this.mAlias).setSubject(new X500Principal("CN=" + this.mAlias)).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build() : new KeyGenParameterSpec.Builder(this.mAlias, 4).setCertificateSubject(new X500Principal("CN=" + this.mAlias)).setDigests("SHA-256").setSignaturePaddings("PKCS1").setCertificateSerialNumber(BigInteger.valueOf(1337L)).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).build());
        Log.d(TAG, "Public Key is: " + keyPairGenerator.generateKeyPair().getPublic().toString());
    }

    public static KeystoreWrapper getInstance() {
        return ourInstance;
    }

    private String getUniqueId() {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyStore.load(null);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            Log.i(TAG, "Keystore alias = " + aliases.nextElement());
        }
        KeyStore.Entry entry = keyStore.getEntry(this.mAlias, null);
        if (entry == null) {
            Log.w(TAG, "No key found under alias: " + this.mAlias);
            Log.w(TAG, "Exiting signData()...");
            return null;
        }
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            Log.w(TAG, "Not an instance of a PrivateKeyEntry");
            Log.w(TAG, "Exiting signData()...");
            return null;
        }
        Signature.getInstance(SIGNATURE_SHA256withRSA);
        Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
        if (certificate == null) {
            return null;
        }
        return Base64.encodeToString(certificate.getEncoded(), 0);
    }

    private void setAlias(String str) {
        this.mAlias = str;
    }

    private String signData(String str) {
        byte[] bytes = str.getBytes();
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry(this.mAlias, null);
        if (entry == null) {
            Log.w(TAG, "No key found under alias: " + this.mAlias);
            Log.w(TAG, "Exiting signData()...");
            return null;
        }
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            Log.w(TAG, "Not an instance of a PrivateKeyEntry");
            Log.w(TAG, "Exiting signData()...");
            return null;
        }
        Signature signature = Signature.getInstance(SIGNATURE_SHA256withRSA);
        signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        signature.update(bytes);
        return Base64.encodeToString(signature.sign(), 0);
    }

    private boolean verifyData(String str, String str2) {
        byte[] bytes = str.getBytes();
        if (str2 == null) {
            Log.w(TAG, "Invalid signature.");
            Log.w(TAG, "Exiting verifyData()...");
            return false;
        }
        try {
            byte[] decode = Base64.decode(str2, 0);
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(this.mAlias, null);
            if (entry == null) {
                Log.w(TAG, "No key found under alias: " + this.mAlias);
                Log.w(TAG, "Exiting verifyData()...");
                return false;
            }
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Log.w(TAG, "Not an instance of a PrivateKeyEntry");
                return false;
            }
            Signature signature = Signature.getInstance(SIGNATURE_SHA256withRSA);
            signature.initVerify(((KeyStore.PrivateKeyEntry) entry).getCertificate());
            signature.update(bytes);
            return signature.verify(decode);
        } catch (IllegalArgumentException e2) {
            return false;
        }
    }

    public void initializeUniqueId(Context context) {
        try {
            Log.i(TAG, "unique = " + getUniqueId());
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | SignatureException | UnrecoverableEntryException | CertificateException e2) {
            e2.printStackTrace();
        }
        if (this.uniqueId == null) {
            this.uniqueId = AppConfiguration.getAndroidID();
            Log.i(TAG, "Android ID = " + this.uniqueId);
            try {
                createKeys(context);
                Log.d(TAG, "Keys created");
            } catch (InvalidAlgorithmParameterException e3) {
                Log.w(TAG, "No such provider: AndroidKeyStore");
            } catch (NoSuchAlgorithmException e4) {
                Log.w(TAG, "RSA not supported", e4);
            } catch (NoSuchProviderException e5) {
                Log.w(TAG, "Invalid Algorithm Parameter Exception", e5);
            }
            try {
                this.mSignatureStr = signData(this.uniqueId);
            } catch (IOException e6) {
                Log.w(TAG, "IO Exception", e6);
            } catch (InvalidKeyException e7) {
                Log.w(TAG, "Invalid Key", e7);
            } catch (KeyStoreException e8) {
                Log.w(TAG, "KeyStore not Initialized", e8);
            } catch (NoSuchAlgorithmException e9) {
                Log.w(TAG, "RSA not supported", e9);
            } catch (SignatureException e10) {
                Log.w(TAG, "Invalid Signature", e10);
            } catch (UnrecoverableEntryException e11) {
                Log.w(TAG, "KeyPair not recovered", e11);
            } catch (CertificateException e12) {
                Log.w(TAG, "Error occurred while loading certificates", e12);
            }
            Log.d(TAG, "Signature: " + this.mSignatureStr);
            boolean z = false;
            try {
                if (this.mSignatureStr != null) {
                    z = verifyData(this.uniqueId, this.mSignatureStr);
                }
            } catch (IOException e13) {
                Log.w(TAG, "IO Exception", e13);
            } catch (InvalidKeyException e14) {
                Log.w(TAG, "Invalid Key", e14);
            } catch (KeyStoreException e15) {
                Log.w(TAG, "KeyStore not Initialized", e15);
            } catch (NoSuchAlgorithmException e16) {
                Log.w(TAG, "RSA not supported", e16);
            } catch (SignatureException e17) {
                Log.w(TAG, "Invalid Signature", e17);
            } catch (UnrecoverableEntryException e18) {
                Log.w(TAG, "KeyPair not recovered", e18);
            } catch (CertificateException e19) {
                Log.w(TAG, "Error occurred while loading certificates", e19);
            }
            if (z) {
                Log.d(TAG, "Data Signature Verified");
            } else {
                Log.d(TAG, "Data not verified.");
            }
        }
    }
}
