package com.toopher.android.sdk.util;

import android.annotation.TargetApi;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.toopher.android.sdk.ToopherSDK;
import com.toopher.android.sdk.interfaces.data.ToopherPrefs;
import com.toopher.android.shared.util.Log;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.GregorianCalendar;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class ToopherApiRsaKeyPairManager {
    private static String LOG_TAG = "com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager";
    private static final String SUCCESSFULLY_REGISTERED_PREFS_KEY_B64 = "TOOPHER_API_RSA_KEY_SUCCESSFULLY_REGISTERED_B64";
    private static final String SUCCESSFULLY_REGISTERED_PREFS_KEY_UTF8 = "TOOPHER_API_RSA_KEY_SUCCESSFULLY_REGISTERED";
    private static KeyPairStorage bestRegisteredKeyPairStorage;
    private static KeyPairStorage jellybeanPrefsKeypairStorage;
    private static KeyPairStorage[] preferenceOrder;
    private static ToopherPrefs prefs;
    private static KeyPairStorage keystoreKeyPairStorage = new KeystoreKeyPairStorage();
    private static KeyPairStorage prefsKeyPairStorage = new PrefsKeyPairStorage();

    /* loaded from: classes.dex */
    static class JellyBeanPrefsKeyPairStorage implements KeyPairStorage {
        private static String TOOPHER_PREFS_JB_KEYPAIR_PRIVATE_KEY = "TOOPHER_API_JB_RSA_PRIVATE_KEY";
        private static String TOOPHER_PREFS_JB_KEYPAIR_PUBLIC_KEY = "TOOPHER_API_JB_RSA_PUBLIC_KEY";

        JellyBeanPrefsKeyPairStorage() {
        }

        private void generateKeyPair() {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            saveKey(genKeyPair.getPublic(), TOOPHER_PREFS_JB_KEYPAIR_PUBLIC_KEY);
            saveKey(genKeyPair.getPrivate(), TOOPHER_PREFS_JB_KEYPAIR_PRIVATE_KEY);
        }

        private PrivateKey getPrivateKey() {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(ToopherApiRsaKeyPairManager.access$100().getString(TOOPHER_PREFS_JB_KEYPAIR_PRIVATE_KEY), 0)));
        }

        private boolean isKeyPairAvailable() {
            return ToopherApiRsaKeyPairManager.access$100().getString(TOOPHER_PREFS_JB_KEYPAIR_PUBLIC_KEY) != null;
        }

        private void saveKey(Key key, String str) {
            ToopherApiRsaKeyPairManager.access$100().set(str, Base64.encodeToString(key.getEncoded(), 0));
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public PublicKey getPublicKey() {
            if (!isKeyPairAvailable()) {
                generateKeyPair();
            }
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(ToopherApiRsaKeyPairManager.access$100().getString(TOOPHER_PREFS_JB_KEYPAIR_PUBLIC_KEY), 0)));
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public boolean isSupported() {
            return Build.VERSION.SDK_INT >= 16;
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public byte[] sign(byte[] bArr) {
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign(getPrivateKey());
            signature.update(bArr);
            return signature.sign();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public interface KeyPairStorage {
        PublicKey getPublicKey();

        boolean isSupported();

        byte[] sign(byte[] bArr);
    }

    /* loaded from: classes.dex */
    static class KeystoreKeyPairStorage implements KeyPairStorage {
        private String API_KEYPAIR_ALIAS = "ToopherApiServiceRsaKeypair";
        private KeyStore keyStore = null;

        KeystoreKeyPairStorage() {
        }

        @TargetApi(18)
        private void generateKeyPair() {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 100);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(ToopherSDK.getGlobalApplicationContext()).setAlias(this.API_KEYPAIR_ALIAS).setSubject(new X500Principal("CN=" + this.API_KEYPAIR_ALIAS)).setSerialNumber(BigInteger.ONE).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        }

        private KeyStore getKeyStore() {
            if (this.keyStore == null) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                this.keyStore = keyStore;
                keyStore.load(null);
            }
            return this.keyStore;
        }

        private boolean isKeyPairAvailable() {
            try {
                return getKeyStore().containsAlias(this.API_KEYPAIR_ALIAS);
            } catch (Exception e2) {
                Log.e(ToopherApiRsaKeyPairManager.LOG_TAG, "Couldn't get keystore", e2);
                return false;
            }
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public PublicKey getPublicKey() {
            if (!isSupported()) {
                return null;
            }
            if (!isKeyPairAvailable()) {
                generateKeyPair();
            }
            return getKeyStore().getCertificate(this.API_KEYPAIR_ALIAS).getPublicKey();
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public boolean isSupported() {
            return Build.VERSION.SDK_INT >= 23;
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public byte[] sign(byte[] bArr) {
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign((PrivateKey) getKeyStore().getKey(this.API_KEYPAIR_ALIAS, null));
            signature.update(bArr);
            return signature.sign();
        }
    }

    /* loaded from: classes.dex */
    static class PrefsKeyPairStorage implements KeyPairStorage {
        private static String TOOPHER_PREFS_KEYPAIR_PRIVATE_KEY = "TOOPHER_API_RSA_PRIVATE_KEY";
        private static String TOOPHER_PREFS_KEYPAIR_PUBLIC_KEY = "TOOPHER_API_RSA_PUBLIC_KEY";

        PrefsKeyPairStorage() {
        }

        private Object fromSerializedString(String str) {
            long nanoTime = System.nanoTime();
            ObjectInputStream objectInputStream = new ObjectInputStream(new ByteArrayInputStream(Base64.decode(str, 0)));
            Object readObject = objectInputStream.readObject();
            objectInputStream.close();
            String str2 = "elapsed nanoseconds was " + Long.toString(System.nanoTime() - nanoTime);
            return readObject;
        }

        private void generateKeyPair() {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            KeyPair genKeyPair = keyPairGenerator.genKeyPair();
            PublicKey publicKey = genKeyPair.getPublic();
            PrivateKey privateKey = genKeyPair.getPrivate();
            ToopherApiRsaKeyPairManager.access$100().set(TOOPHER_PREFS_KEYPAIR_PUBLIC_KEY, serializeToString(publicKey));
            ToopherApiRsaKeyPairManager.access$100().set(TOOPHER_PREFS_KEYPAIR_PRIVATE_KEY, serializeToString(privateKey));
        }

        private boolean isKeyPairAvailable() {
            return ToopherApiRsaKeyPairManager.access$100().getString(TOOPHER_PREFS_KEYPAIR_PUBLIC_KEY) != null;
        }

        private String serializeToString(Serializable serializable) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
            objectOutputStream.writeObject(serializable);
            objectOutputStream.close();
            return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public PublicKey getPublicKey() {
            if (!isSupported()) {
                return null;
            }
            if (!isKeyPairAvailable()) {
                generateKeyPair();
            }
            try {
                return (PublicKey) fromSerializedString(ToopherApiRsaKeyPairManager.access$100().getString(TOOPHER_PREFS_KEYPAIR_PUBLIC_KEY));
            } catch (Exception e2) {
                Log.e(ToopherApiRsaKeyPairManager.LOG_TAG, "unable to deserialize public key", e2);
                return null;
            }
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public boolean isSupported() {
            return Build.VERSION.SDK_INT >= 18;
        }

        @Override // com.toopher.android.sdk.util.ToopherApiRsaKeyPairManager.KeyPairStorage
        public byte[] sign(byte[] bArr) {
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign((PrivateKey) fromSerializedString(ToopherApiRsaKeyPairManager.access$100().getString(TOOPHER_PREFS_KEYPAIR_PRIVATE_KEY)));
            signature.update(bArr);
            return signature.sign();
        }
    }

    static {
        JellyBeanPrefsKeyPairStorage jellyBeanPrefsKeyPairStorage = new JellyBeanPrefsKeyPairStorage();
        jellybeanPrefsKeypairStorage = jellyBeanPrefsKeyPairStorage;
        preferenceOrder = new KeyPairStorage[]{keystoreKeyPairStorage, prefsKeyPairStorage, jellyBeanPrefsKeyPairStorage};
    }

    static /* synthetic */ ToopherPrefs access$100() {
        return getPrefs();
    }

    private static String getBase64PublicKeyHash(PublicKey publicKey) {
        return Base64.encodeToString(getPublicKeyHashBytes(publicKey), 0);
    }

    private static KeyPairStorage getBestKeyPairStorageForSdkVersion() {
        for (KeyPairStorage keyPairStorage : preferenceOrder) {
            if (keyPairStorage.isSupported()) {
                return keyPairStorage;
            }
        }
        return null;
    }

    private static KeyPairStorage getBestRegisteredKeyPairStorage() {
        KeyPairStorage keyPairStorage = bestRegisteredKeyPairStorage;
        if (keyPairStorage != null) {
            return keyPairStorage;
        }
        if (getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_B64) == null && getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_UTF8) == null) {
            Log.e(LOG_TAG, "No RSA key has been registered.");
            return null;
        }
        KeyPairStorage[] keyPairStorageArr = preferenceOrder;
        int length = keyPairStorageArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            KeyPairStorage keyPairStorage2 = keyPairStorageArr[i];
            if (keyPairStorage2.isSupported()) {
                try {
                    PublicKey publicKey = keyPairStorage2.getPublicKey();
                    if (publicKey == null) {
                        Log.e(LOG_TAG, String.format("%s public key is not available.", keyPairStorage2.getClass().getName()));
                    } else {
                        if (getBase64PublicKeyHash(publicKey).equals(getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_B64))) {
                            bestRegisteredKeyPairStorage = keyPairStorage2;
                            break;
                        }
                        if (getUtf8PublicKeyHash(publicKey).equals(getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_UTF8))) {
                            bestRegisteredKeyPairStorage = keyPairStorage2;
                            updatePrefsWithBase64PublicKeyHash(publicKey);
                            break;
                        }
                    }
                } catch (Exception e2) {
                    Log.e(LOG_TAG, String.format("Error in %s.getPublicKey(): %s", keyPairStorage2.getClass().getName(), e2));
                }
            }
            i++;
        }
        if (bestRegisteredKeyPairStorage == null) {
            LocalyticsUtils.tagMissingValidKeyPairStorageEvent();
            KeyPairStorage bestKeyPairStorageForSdkVersion = getBestKeyPairStorageForSdkVersion();
            bestRegisteredKeyPairStorage = bestKeyPairStorageForSdkVersion;
            updatePrefsWithBase64PublicKeyHash(bestKeyPairStorageForSdkVersion.getPublicKey());
        }
        return bestRegisteredKeyPairStorage;
    }

    private static ToopherPrefs getPrefs() {
        if (prefs == null) {
            prefs = ToopherSDK.getPrefsFactory().get(ToopherSDK.getGlobalApplicationContext());
        }
        return prefs;
    }

    public static PublicKey getPublicKey() {
        return getBestKeyPairStorageForSdkVersion().getPublicKey();
    }

    private static byte[] getPublicKeyHashBytes(PublicKey publicKey) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(publicKey.getEncoded());
            return messageDigest.digest();
        } catch (NoSuchAlgorithmException e2) {
            Log.e(LOG_TAG, "Failed to generate string hash", e2);
            return null;
        }
    }

    private static String getUtf8PublicKeyHash(PublicKey publicKey) {
        return new String(getPublicKeyHashBytes(publicKey));
    }

    public static boolean isAnyKeySuccessfullyRegistered() {
        return (getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_B64) == null && getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_UTF8) == null) ? false : true;
    }

    public static boolean isCurrentKeySuccessfullyRegistered() {
        try {
            PublicKey publicKey = getBestKeyPairStorageForSdkVersion().getPublicKey();
            return getBase64PublicKeyHash(publicKey).equals(getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_B64)) || getUtf8PublicKeyHash(publicKey).equals(getPrefs().getString(SUCCESSFULLY_REGISTERED_PREFS_KEY_UTF8));
        } catch (Exception e2) {
            Log.e(LOG_TAG, "Failed to get best KeyPair storage", e2);
            return false;
        }
    }

    public static void setKeySuccessfullyRegistered(PublicKey publicKey) {
        getPrefs().set(SUCCESSFULLY_REGISTERED_PREFS_KEY_B64, getBase64PublicKeyHash(publicKey));
        bestRegisteredKeyPairStorage = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] sign(byte[] bArr) {
        return getBestRegisteredKeyPairStorage().sign(bArr);
    }

    private static void updatePrefsWithBase64PublicKeyHash(PublicKey publicKey) {
        getPrefs().set(SUCCESSFULLY_REGISTERED_PREFS_KEY_B64, getBase64PublicKeyHash(publicKey));
        getPrefs().delete(SUCCESSFULLY_REGISTERED_PREFS_KEY_UTF8);
    }
}
