package com.tplink.omada.libutility.b;

import android.content.Context;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class b {
    private static volatile b a;
    private KeyStore b;

    private b() {
        try {
            this.b = KeyStore.getInstance("AndroidKeyStore");
            this.b.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            com.google.a.a.a.a.a.a.a(e);
        }
    }

    public static b a() {
        if (a == null) {
            synchronized (b.class) {
                if (a == null) {
                    a = new b();
                }
            }
        }
        return a;
    }

    private void a(Context context, Locale locale) {
        if (context == null || locale == null) {
            return;
        }
        Locale.setDefault(locale);
        Resources resources = context.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }

    private KeyStore.PrivateKeyEntry b(String str) {
        try {
            this.b.load(null);
            KeyStore.Entry entry = this.b.getEntry(str, null);
            if (entry != null) {
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    return (KeyStore.PrivateKeyEntry) entry;
                }
                com.tplink.omada.libutility.a.a.e("KeyStoreWrapper", "Not an instance of a PrivateKeyEntry");
                return null;
            }
            com.tplink.omada.libutility.a.a.e("KeyStoreWrapper", "No key found under alias: " + str);
            return null;
        } catch (IOException | NullPointerException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | Exception e) {
            com.google.a.a.a.a.a.a.a(e);
            return null;
        }
    }

    private void b(Context context, String str) {
        AlgorithmParameterSpec build;
        if (str.isEmpty() || a(str)) {
            return;
        }
        Locale locale = Locale.getDefault();
        try {
            try {
                a(context, Locale.ENGLISH);
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 30);
                if (Build.VERSION.SDK_INT < 23) {
                    com.tplink.omada.libutility.a.a.a("KeyStoreWrapper", "createNewKey Pre M");
                    build = new KeyPairGeneratorSpec.Builder(context.getApplicationContext()).setAlias(str).setSubject(new X500Principal("CN=Sample Name, O=Android Authority")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                } else {
                    com.tplink.omada.libutility.a.a.a("KeyStoreWrapper", "createNewKey Post M");
                    build = new KeyGenParameterSpec.Builder(str, 3).setCertificateSubject(new X500Principal("CN=Sample Name, O=Android Authority")).setDigests("SHA-256").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.ONE).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).build();
                }
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            } finally {
                a(context, locale);
            }
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | Exception e) {
            com.google.a.a.a.a.a.a.a(e);
        }
    }

    public String a(String str, String str2) {
        byte[] b;
        return (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || (b = b(Base64.decode(str, 0), str2)) == null) ? "" : new String(b, 0, b.length);
    }

    public void a(Context context, String str) {
        b(context, str);
    }

    public boolean a(String str) {
        if (this.b != null) {
            try {
                if (this.b.containsAlias(str)) {
                    if (this.b.getCertificateChain(str) != null) {
                        return true;
                    }
                }
            } catch (KeyStoreException e) {
                com.google.a.a.a.a.a.a.a(e);
            }
        }
        return false;
    }

    public byte[] a(byte[] bArr, String str) {
        KeyStore.PrivateKeyEntry b;
        if (bArr.length == 0 || (b = b(str)) == null) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, b.getCertificate().getPublicKey());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(bArr);
            cipherOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            com.google.a.a.a.a.a.a.a(e);
            return null;
        }
    }

    public byte[] b(byte[] bArr, String str) {
        KeyStore.PrivateKeyEntry b;
        if (bArr.length == 0 || (b = b(str)) == null) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, b.getPrivateKey());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            byte[] bArr2 = new byte[arrayList.size()];
            for (int i = 0; i < bArr2.length; i++) {
                bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            return bArr2;
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            com.google.a.a.a.a.a.a.a(e);
            return null;
        }
    }
}
