package sg.gov.tech.bluetrace.encryption;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.RequiresApi;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.Calendar;
import java.util.Enumeration;
import java.util.Iterator;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt__IteratorsJVMKt;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import sg.gov.tech.bluetrace.analytics.AnalyticsKeys;
import sg.gov.tech.bluetrace.logging.CentralLog;
import sg.gov.tech.bluetrace.logging.DBLogger;

/* compiled from: KeyStoreUtil.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000,\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\n\bÆ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0015\u0010\u0010J\u001d\u0010\u0007\u001a\u00020\u00062\u0006\u0010\u0003\u001a\u00020\u00022\u0006\u0010\u0005\u001a\u00020\u0004¢\u0006\u0004\b\u0007\u0010\bJ\u0019\u0010\n\u001a\u0004\u0018\u00010\t2\u0006\u0010\u0005\u001a\u00020\u0004H\u0007¢\u0006\u0004\b\n\u0010\u000bJ\u0015\u0010\r\u001a\u00020\f2\u0006\u0010\u0005\u001a\u00020\u0004¢\u0006\u0004\b\r\u0010\u000eJ\r\u0010\u000f\u001a\u00020\f¢\u0006\u0004\b\u000f\u0010\u0010R\u0016\u0010\u0011\u001a\u00020\u00048\u0002@\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u0011\u0010\u0012R\u0016\u0010\u0013\u001a\u00020\u00048\u0002@\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u0013\u0010\u0012R\u0016\u0010\u0014\u001a\u00020\u00048\u0002@\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u0014\u0010\u0012¨\u0006\u0016"}, d2 = {"Lsg/gov/tech/bluetrace/encryption/KeyStoreUtil;", "", "Landroid/content/Context;", "context", "", "alias", "", "generateRsaKeyPair", "(Landroid/content/Context;Ljava/lang/String;)Z", "Ljavax/crypto/SecretKey;", "generateAesKey", "(Ljava/lang/String;)Ljavax/crypto/SecretKey;", "", "removeKey", "(Ljava/lang/String;)V", "removeAllKeys", "()V", KeyStoreUtil.RSA, "Ljava/lang/String;", "ANDROID_KEY_STORE", AnalyticsKeys.TAG, "<init>", "app_release"}, k = 1, mv = {1, 5, 1})
/* loaded from: classes3.dex */
public final class KeyStoreUtil {

    @NotNull
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";

    @NotNull
    public static final KeyStoreUtil INSTANCE = new KeyStoreUtil();

    @NotNull
    private static final String RSA = "RSA";

    @NotNull
    private static final String TAG = "KeyStoreUtil";

    private KeyStoreUtil() {
    }

    @RequiresApi(23)
    @Nullable
    public final SecretKey generateAesKey(@NotNull String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(alias, null);
            if (entry != null) {
                return ((KeyStore.SecretKeyEntry) entry).getSecretKey();
            }
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(alias, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build();
            Intrinsics.checkNotNullExpressionValue(build, "Builder(\n                    alias,\n                    KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT\n                )\n                    .setBlockModes(KeyProperties.BLOCK_MODE_GCM)\n                    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)\n                    .build()");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
            keyGenerator.init(build);
            return keyGenerator.generateKey();
        } catch (Exception e) {
            StringBuilder sb = new StringBuilder();
            sb.append((Object) KeyStoreUtil.class.getSimpleName());
            sb.append(" -> ");
            new Object() { // from class: sg.gov.tech.bluetrace.encryption.KeyStoreUtil$generateAesKey$loggerTAG$1
            };
            Method enclosingMethod = KeyStoreUtil$generateAesKey$loggerTAG$1.class.getEnclosingMethod();
            sb.append((Object) (enclosingMethod == null ? null : enclosingMethod.getName()));
            String sb2 = sb.toString();
            DBLogger dBLogger = DBLogger.INSTANCE;
            dBLogger.e(DBLogger.LogType.ENCRYPTION, sb2, "Cannot create AES key.", dBLogger.getStackTraceInJSONArrayString(e));
            CentralLog.INSTANCE.e(TAG, Intrinsics.stringPlus("Cannot create AES key:", e));
            return null;
        }
    }

    public final boolean generateRsaKeyPair(@NotNull Context context, @NotNull String alias) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(alias, "alias");
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(ANDROID_KEY_STORE)");
            keyStore.load(null);
            if (!keyStore.containsAlias(alias)) {
                Calendar calendar = Calendar.getInstance();
                Intrinsics.checkNotNullExpressionValue(calendar, "getInstance()");
                Calendar calendar2 = Calendar.getInstance();
                Intrinsics.checkNotNullExpressionValue(calendar2, "getInstance()");
                calendar2.add(1, 30);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setKeySize(4096).setAlias(alias).setSubject(new X500Principal(Intrinsics.stringPlus("CN=", alias))).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                Intrinsics.checkNotNullExpressionValue(build, "Builder(context)\n                    .setKeySize(4096)\n                    .setAlias(alias)\n                    .setSubject(X500Principal(\"CN=$alias\"))\n                    .setSerialNumber(BigInteger.TEN)\n                    .setStartDate(start.time)\n                    .setEndDate(end.time)\n                    .build()");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA, ANDROID_KEY_STORE);
                Intrinsics.checkNotNullExpressionValue(keyPairGenerator, "getInstance(RSA, ANDROID_KEY_STORE)");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            }
            return true;
        } catch (Exception e) {
            StringBuilder sb = new StringBuilder();
            sb.append((Object) KeyStoreUtil.class.getSimpleName());
            sb.append(" -> ");
            new Object() { // from class: sg.gov.tech.bluetrace.encryption.KeyStoreUtil$generateRsaKeyPair$loggerTAG$1
            };
            Method enclosingMethod = KeyStoreUtil$generateRsaKeyPair$loggerTAG$1.class.getEnclosingMethod();
            sb.append((Object) (enclosingMethod != null ? enclosingMethod.getName() : null));
            String sb2 = sb.toString();
            DBLogger dBLogger = DBLogger.INSTANCE;
            dBLogger.e(DBLogger.LogType.ENCRYPTION, sb2, "Cannot create RSA key pair.", dBLogger.getStackTraceInJSONArrayString(e));
            CentralLog.INSTANCE.e(TAG, Intrinsics.stringPlus("Cannot create RSA key pair:", e));
            return false;
        }
    }

    public final void removeAllKeys() {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
        Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(ANDROID_KEY_STORE)");
        keyStore.load(null);
        Enumeration<String> aliases = keyStore.aliases();
        Intrinsics.checkNotNullExpressionValue(aliases, "aliases");
        Iterator it = CollectionsKt__IteratorsJVMKt.iterator(aliases);
        while (it.hasNext()) {
            keyStore.deleteEntry((String) it.next());
        }
    }

    public final void removeKey(@NotNull String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
        Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(ANDROID_KEY_STORE)");
        keyStore.load(null);
        keyStore.deleteEntry(alias);
    }
}
