package atws.shared.auth.token;

import android.content.Context;
import android.os.Build;
import android.security.KeyChain;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import ap.aj;
import ap.ao;
import ap.k;
import atws.shared.app.l;
import com.connection.auth2.ae;
import com.connection.auth2.am;
import com.connection.auth2.an;
import com.connection.d.j;
import com.connection.d.m;
import com.connection.d.p;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class d implements j {

    /* renamed from: a, reason: collision with root package name */
    public static final ao f9208a = new ao("Android native Key Store API Failure simulation BZ99573/99580");

    /* renamed from: b, reason: collision with root package name */
    public static final ao f9209b = new ao("Android native Key Store API Failure simulation BZ99573/99580");

    /* renamed from: c, reason: collision with root package name */
    public static a f9210c;

    /* renamed from: d, reason: collision with root package name */
    private final aj f9211d = new aj("KeyStoreAccessor:");

    /* renamed from: e, reason: collision with root package name */
    private volatile KeyStore f9212e = KeyStore.getInstance("AndroidKeyStore");

    /* loaded from: classes.dex */
    public enum a {
        FINGERPRINT_TST_KEY_STORE_ALIAS("TST"),
        PIN_TST_KEY_STORE_ALIAS("PIN_TST"),
        COMMON_NONE_EXPIRED_KEY_STORE_ALIAS("COMMON_NONE_EXPIRED_KEY");


        /* renamed from: d, reason: collision with root package name */
        private final String f9217d;

        a(String str) {
            this.f9217d = str;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String a() {
            return this.f9217d;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.f9217d;
        }
    }

    public d() {
        this.f9212e.load(null);
        c("Key store init done!");
    }

    protected static long a(boolean z2, Calendar calendar) {
        boolean z3;
        long timeInMillis = calendar.getTimeInMillis();
        if (calendar.get(7) == 1) {
            a(calendar);
            z3 = z2 ? timeInMillis >= calendar.getTimeInMillis() : timeInMillis < calendar.getTimeInMillis();
            calendar.setTimeInMillis(timeInMillis);
        } else {
            z3 = true;
        }
        if (z3) {
            while (z3) {
                calendar.setTimeInMillis((z2 ? 86400000L : -86400000L) + calendar.getTimeInMillis());
                z3 = calendar.get(7) != 1;
            }
        }
        a(calendar);
        return calendar.getTimeInMillis();
    }

    private void a(an anVar, Context context) {
        String str;
        KeyStore.PrivateKeyEntry privateKeyEntry = null;
        try {
            str = null;
            privateKeyEntry = a(anVar);
        } catch (Throwable th) {
            String message = th.getMessage();
            if (message == null) {
                message = th.toString();
            }
            ap.an.a(String.format("Failed read key for %s", anVar), th);
            str = message;
        }
        if (privateKeyEntry == null) {
            try {
                a(anVar, 0L, true, context);
            } catch (Throwable th2) {
                ap.an.a(String.format("Failed generate key for %s", anVar), th2);
            }
            if (ap.an.b((CharSequence) str)) {
                ap.an.f(String.format("Due error removed \"%s\" token:", anVar) + str);
                l.af().a(com.connection.auth2.e.a(Integer.valueOf(anVar.a())), true);
            }
        }
    }

    private static void a(Calendar calendar) {
        calendar.set(11, 1);
        calendar.set(12, 0);
        calendar.set(13, 0);
    }

    private byte[] a(an anVar, byte[] bArr) {
        return a(b(anVar), bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static long b(boolean z2) {
        return a(z2, Calendar.getInstance());
    }

    private static String b(an anVar) {
        if (anVar == an.NONE || anVar == an.K_IN_MEMORY || anVar == an.SOFT_TOKEN || anVar == an.PERM_TOKEN || anVar == an.SST_TOKEN) {
            return a.COMMON_NONE_EXPIRED_KEY_STORE_ALIAS.a();
        }
        String a2 = anVar == an.TST_TOKEN ? a.FINGERPRINT_TST_KEY_STORE_ALIAS.a() : anVar == an.TST_PIN_TOKEN ? a.PIN_TST_KEY_STORE_ALIAS.a() : null;
        if (a2 != null) {
            return a2;
        }
        ap.an.f("Failed to provide keystore alias for token:" + anVar);
        return a2;
    }

    private KeyStore.PrivateKeyEntry b(String str) {
        return (KeyStore.PrivateKeyEntry) this.f9212e.getEntry(str, null);
    }

    private byte[] b(an anVar, byte[] bArr) {
        return b(b(anVar), bArr);
    }

    private static long c(an anVar) {
        if (anVar == an.TST_TOKEN) {
            return b(true);
        }
        return 0L;
    }

    private void c(String str) {
        ArrayList arrayList = new ArrayList();
        if (a()) {
            Enumeration<String> aliases = this.f9212e.aliases();
            while (aliases.hasMoreElements()) {
                arrayList.add(aliases.nextElement());
            }
        }
        this.f9211d.a(str + "\n" + arrayList.toString(), true);
    }

    @Override // com.connection.d.j
    public am a(am amVar, an anVar) {
        byte[] bArr;
        if (amVar.c()) {
            try {
                bArr = b(anVar, amVar.a());
            } catch (Exception e2) {
                ap.an.a(String.format("Failed to decrypt dataIn by key=%s", anVar), (Throwable) e2);
                bArr = null;
            }
        } else {
            try {
                bArr = Base64.decode(m.a(amVar.a(), k.x().s().getBytes()).getBytes("UTF-8"), 0);
            } catch (Throwable th) {
                ap.an.f(String.format("KeyStoreAccessor:failed to fallback-decrypt data by key=%s", anVar));
                bArr = null;
            }
        }
        if (bArr != null) {
            return new am(bArr, amVar.b());
        }
        return null;
    }

    @Override // com.connection.d.j
    public am a(byte[] bArr, an anVar) {
        am amVar;
        a(anVar, atws.shared.j.j.c().a().getApplicationContext());
        try {
            amVar = am.a(a(anVar, bArr));
        } catch (Throwable th) {
            ap.an.a(String.format("KeyStoreAccessor:failed to encrypt data by key=%s", anVar), th);
            amVar = null;
        }
        if (amVar != null || !anVar.g()) {
            return amVar;
        }
        try {
            amVar = am.b(m.a(new String(Base64.encode(bArr, 0), "UTF-8"), k.x().s().getBytes()));
            ap.an.c(String.format("KeyStoreAccessor:%s encrypted by fallback case", anVar));
            return amVar;
        } catch (Throwable th2) {
            ap.an.a(String.format("KeyStoreAccessor:failed to fallback-encrypt data by key=%s", anVar), th2);
            return amVar;
        }
    }

    public KeyStore.PrivateKeyEntry a(an anVar) {
        String b2 = b(anVar);
        if (f9210c == null || !ap.an.a(b2, f9210c.a())) {
            return b(b2);
        }
        f9210c = null;
        throw new KeyStoreException("Simulated KeyEntry Exception (MOBILEPLAT-163)");
    }

    public void a(Context context) {
        a(an.NONE, context);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void a(String str) {
        this.f9212e.deleteEntry(str);
        c("Key deleted!");
    }

    protected boolean a() {
        return com.connection.auth2.f.a();
    }

    public boolean a(an anVar, long j2, boolean z2, Context context) {
        return a(anVar, b(anVar), j2, z2, context);
    }

    public boolean a(an anVar, String str, long j2, boolean z2, Context context) {
        if (j2 == 0) {
            j2 = c(anVar);
        }
        try {
            if (this.f9212e.containsAlias(str)) {
                if (!z2) {
                    return true;
                }
                a(str);
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 15);
            Date date = j2 > 0 ? new Date(j2) : calendar2.getTime();
            Date time = calendar.getTime();
            this.f9211d.a(String.format("KeyStoreAccessor.generateStoreKey for \"%s\" start date=\"%s\", end date=\"%s\"", anVar, ae.f12616a.format(time), ae.f12616a.format(date)), true);
            p pVar = new p();
            pVar.a();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(b() ? new KeyGenParameterSpec.Builder(str, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.TEN).setCertificateNotBefore(time).setCertificateNotAfter(date).setKeySize(2048).build() : new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=Interactive Brokers, O=IB")).setSerialNumber(BigInteger.TEN).setStartDate(time).setEndDate(date).setKeySize(2048).build());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            pVar.b();
            this.f9211d.a("Generated " + str + " New spec:" + b() + " " + pVar.d(), true);
            if (a()) {
                this.f9211d.a("\n prk=" + generateKeyPair.getPrivate() + "\n puk=" + generateKeyPair.getPublic(), true);
            }
            return true;
        } catch (Exception e2) {
            this.f9211d.a("Failed to generate key store key!", e2);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] a(String str, byte[] bArr) {
        if (f9208a.d()) {
            throw new KeyStoreException("Simulated Encryption exception (BZ99573/99580)");
        }
        PublicKey publicKey = b(str).getCertificate().getPublicKey();
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, publicKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        this.f9211d.a("data encrypted", true);
        return byteArray;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean b() {
        return Build.VERSION.SDK_INT >= 23;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] b(String str, byte[] bArr) {
        if (f9209b.d()) {
            throw new KeyStoreException("Simulated Decryption Exception (BZ99573/99580)");
        }
        PrivateKey privateKey = b(str).getPrivateKey();
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, privateKey);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr2 = new byte[arrayList.size()];
        int i2 = 0;
        while (true) {
            int i3 = i2;
            if (i3 >= bArr2.length) {
                this.f9211d.a("data decrypted", true);
                return bArr2;
            }
            bArr2[i3] = ((Byte) arrayList.get(i3)).byteValue();
            i2 = i3 + 1;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean e() {
        if (!b()) {
            return KeyChain.isBoundKeyAlgorithm("RSA");
        }
        Enumeration<String> aliases = this.f9212e.aliases();
        if (aliases.hasMoreElements()) {
            try {
                PrivateKey privateKey = b(aliases.nextElement()).getPrivateKey();
                return ((KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(privateKey, KeyInfo.class)).isInsideSecureHardware();
            } catch (Exception e2) {
                ap.an.a("isHardwareBackedKeyStore error: " + e2, (Throwable) e2);
            }
        }
        return false;
    }
}
