package ch.sbb.spc;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Date;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@TargetApi(23)
/* loaded from: classes3.dex */
final class v {
    private static final Logger c = LoggerFactory.getLogger((Class<?>) v.class);

    /* renamed from: a, reason: collision with root package name */
    private Locale f6670a;

    /* renamed from: b, reason: collision with root package name */
    private KeyStore f6671b;

    /* JADX INFO: Access modifiers changed from: package-private */
    public v(String str, Context context) throws SecurityException {
        try {
            a(str, context);
        } catch (SecurityException e) {
            try {
                a(str, context);
            } catch (SecurityException e2) {
                f(e2, str);
                c.error("Key store initialize failed: message: " + e.getMessage() + ", cause: " + e.getCause(), (Throwable) e);
            }
        }
    }

    private void a(String str, Context context) throws SecurityException {
        b(str, context);
    }

    @TargetApi(23)
    private boolean b(String str, Context context) {
        h(context);
        try {
            if (!e().containsAlias(str) || e().getKey(str, null) == null) {
                c.info("create Keystore key");
                long currentTimeMillis = System.currentTimeMillis();
                Date date = new Date(currentTimeMillis);
                Date date2 = new Date(3153600000000L + currentTimeMillis);
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setCertificateSubject(new X500Principal("CN=SwissPass, O=SBB, C=Switzerland")).setCertificateNotBefore(date).setCertificateNotAfter(date2).setCertificateSerialNumber(BigInteger.ONE).setEncryptionPaddings("PKCS1Padding").build());
                keyPairGenerator.generateKeyPair();
            }
        } catch (IllegalStateException | NullPointerException | SecurityException | UnsupportedOperationException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | ProviderException | UnrecoverableEntryException e) {
            g(context);
            f(e, str);
        }
        g(context);
        return true;
    }

    private synchronized KeyStore e() throws SecurityException {
        if (this.f6671b == null) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                this.f6671b = keyStore;
                keyStore.load(null);
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                throw new SecurityException(e);
            }
        }
        return this.f6671b;
    }

    private void f(Exception exc, String str) throws SecurityException {
        c.error("Keystore operation failed: message: " + exc.getMessage() + ", cause: " + exc.getCause(), (Throwable) exc);
        for (Throwable cause = exc.getCause(); cause != null; cause = cause.getCause()) {
            c.error("Cause: " + cause.getMessage());
        }
        if (str != null) {
            try {
                if (e().containsAlias(str)) {
                    c.info("KeyStore delete Alias '{}'.", str);
                    e().deleteEntry(str);
                }
            } catch (KeyStoreException e) {
                c.info("exception while deleting KeyStore: Alias '{}'.message: " + e.getMessage() + ", cause: " + e.getCause(), str);
            }
        }
        throw new SecurityException(exc);
    }

    @TargetApi(23)
    private void g(Context context) {
        if (Build.VERSION.SDK_INT <= 23) {
            i(this.f6670a, context);
        }
    }

    @TargetApi(23)
    private void h(Context context) {
        if (Build.VERSION.SDK_INT <= 23) {
            this.f6670a = Locale.getDefault();
            i(Locale.ENGLISH, context);
        }
    }

    @TargetApi(23)
    private void i(Locale locale, Context context) {
        if (Build.VERSION.SDK_INT <= 23) {
            Locale.setDefault(locale);
            Resources resources = context.getResources();
            Configuration configuration = resources.getConfiguration();
            configuration.locale = locale;
            resources.updateConfiguration(configuration, resources.getDisplayMetrics());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String c(String str, String str2) throws SecurityException {
        String str3 = null;
        if (str == null || str2 == null) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            PrivateKey privateKey = (PrivateKey) e().getKey(str2, null);
            if (privateKey == null) {
                f(new IOException("privateKeyEntry null"), str2);
            } else {
                cipher.init(2, privateKey);
            }
            CipherInputStream cipherInputStream = new CipherInputStream(new BufferedInputStream(new ByteArrayInputStream(Base64.decode(str, 2))), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i = 0; i < size; i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            String str4 = new String(bArr, 0, size, "UTF-8");
            try {
                try {
                    cipherInputStream.close();
                    return str4;
                } catch (IOException e) {
                    c.error("Close cipherInputStream failed: message: " + e.getMessage() + ", cause: " + e.getCause(), (Throwable) e);
                    return str4;
                }
            } catch (Exception e2) {
                e = e2;
                str3 = str4;
                c.warn("Failed to decrypt cipherText <" + str + "> with Base64 decoded length " + Base64.decode(str, 2).length);
                f(e, str2);
                return str3;
            }
        } catch (Exception e3) {
            e = e3;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String d(String str, String str2) throws SecurityException {
        if (str == null || str.isEmpty() || str2 == null || str2.isEmpty()) {
            f(new IOException("encrypt failed, empty input"), str2);
        }
        c.info("Encrypting " + str);
        try {
            if (((PrivateKey) e().getKey(str2, null)) == null) {
                f(new IOException("privateKey null"), str2);
            }
            PublicKey publicKey = e().getCertificate(str2).getPublicKey();
            PublicKey generatePublic = KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded()));
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            cipher.init(1, generatePublic);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes("UTF-8"));
            try {
                cipherOutputStream.close();
            } catch (IOException e) {
                c.error("Close cipherOutputStream failed: message: " + e.getMessage() + ", cause: " + e.getCause(), (Throwable) e);
            }
            return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 2);
        } catch (Exception e2) {
            f(e2, str2);
            return null;
        }
    }
}
