package com.it_nomads.fluttersecurestorage.ciphers;

import android.content.Context;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.StrongBoxUnavailableException;
import android.util.Log;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
class RSACipher18Implementation {
    private static final String KEYSTORE_PROVIDER_ANDROID = "AndroidKeyStore";
    private static final String TYPE_RSA = "RSA";
    private final String KEY_ALIAS;
    private Context context;

    public RSACipher18Implementation(Context context) throws Exception {
        this.KEY_ALIAS = context.getPackageName() + ".FlutterSecureStoragePluginKey";
        this.context = context;
        createRSAKeysIfNeeded(context);
    }

    private void createKeys(Context context) throws Exception {
        AlgorithmParameterSpec build;
        Log.i("fluttersecurestorage", "Creating keys!");
        Locale locale = Locale.getDefault();
        try {
            setLocale(Locale.ENGLISH);
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 25);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(TYPE_RSA, KEYSTORE_PROVIDER_ANDROID);
            if (Build.VERSION.SDK_INT < 23) {
                build = new KeyPairGeneratorSpec.Builder(context).setAlias(this.KEY_ALIAS).setSubject(new X500Principal("CN=" + this.KEY_ALIAS)).setSerialNumber(BigInteger.valueOf(1L)).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            } else {
                KeyGenParameterSpec.Builder certificateNotAfter = new KeyGenParameterSpec.Builder(this.KEY_ALIAS, 3).setCertificateSubject(new X500Principal("CN=" + this.KEY_ALIAS)).setDigests("SHA-256").setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.valueOf(1L)).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime());
                if (Build.VERSION.SDK_INT >= 28) {
                    certificateNotAfter.setIsStrongBoxBacked(true);
                }
                build = certificateNotAfter.build();
            }
            try {
                Log.i("fluttersecurestorage", "Initializing");
                keyPairGenerator.initialize(build);
                Log.i("fluttersecurestorage", "Generating key pair");
                keyPairGenerator.generateKeyPair();
            } catch (StrongBoxUnavailableException unused) {
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(this.KEY_ALIAS, 3).setCertificateSubject(new X500Principal("CN=" + this.KEY_ALIAS)).setDigests("SHA-256").setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.valueOf(1L)).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).build());
                keyPairGenerator.generateKeyPair();
            }
        } finally {
            setLocale(locale);
        }
    }

    private void createRSAKeysIfNeeded(Context context) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID);
        keyStore.load(null);
        if (keyStore.getKey(this.KEY_ALIAS, null) == null) {
            createKeys(context);
        }
    }

    private PrivateKey getPrivateKey() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID);
        keyStore.load(null);
        Key key = keyStore.getKey(this.KEY_ALIAS, null);
        if (key != null) {
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
            throw new Exception("Not an instance of a PrivateKey");
        }
        throw new Exception("No key found under alias: " + this.KEY_ALIAS);
    }

    private PublicKey getPublicKey() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID);
        keyStore.load(null);
        Certificate certificate = keyStore.getCertificate(this.KEY_ALIAS);
        if (certificate == null) {
            throw new Exception("No certificate found under alias: " + this.KEY_ALIAS);
        }
        PublicKey publicKey = certificate.getPublicKey();
        if (publicKey != null) {
            return publicKey;
        }
        throw new Exception("No key found under alias: " + this.KEY_ALIAS);
    }

    private Cipher getRSACipher() throws Exception {
        return Build.VERSION.SDK_INT < 23 ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
    }

    private void setLocale(Locale locale) {
        Locale.setDefault(locale);
        Resources resources = this.context.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }

    public byte[] decrypt(byte[] bArr) throws Exception {
        PrivateKey privateKey = getPrivateKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(2, privateKey);
        return rSACipher.doFinal(bArr);
    }

    public byte[] encrypt(byte[] bArr) throws Exception {
        PublicKey publicKey = getPublicKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(1, publicKey);
        return rSACipher.doFinal(bArr);
    }

    public Key unwrap(byte[] bArr, String str) throws Exception {
        PrivateKey privateKey = getPrivateKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(4, privateKey);
        return rSACipher.unwrap(bArr, str, 3);
    }

    public byte[] wrap(Key key) throws Exception {
        PublicKey publicKey = getPublicKey();
        Cipher rSACipher = getRSACipher();
        rSACipher.init(3, publicKey);
        return rSACipher.wrap(key);
    }
}
