package net.plazz.mea.util;

import android.app.ActivityManager;
import android.app.AlarmManager;
import android.app.AlertDialog;
import android.app.Application;
import android.app.KeyguardManager;
import android.app.PendingIntent;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.UserNotAuthenticatedException;
import android.util.Base64;
import androidx.core.app.NotificationCompat;
import com.joshdholtz.sentry.Sentry;
import de.volkswagen.eventapp.R;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.spec.MGF1ParameterSpec;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.security.auth.x500.X500Principal;
import net.plazz.mea.constants.Const;
import net.plazz.mea.controll.Controller;
import net.plazz.mea.settings.GlobalPreferences;
import net.plazz.mea.user.UserManager;

/* loaded from: classes2.dex */
public class KeyStoreHelper {
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final int KEYSIZE = 4096;
    private static final int LAST_UNLOCK_DURATION = 2592000;
    private static final String MEA_ALIAS = "MeaCredentials";
    private static boolean SECOND_TRY = false;
    private static final String TAG = "KeyStoreHelper";
    private static KeyStore mKeyStore;

    private static void checkKeystoreFunctionality() {
        String str = TAG;
        Log.d(str, "checkKeystoreFunctionality(): MeaCredentials");
        if (decryptString(encryptString("MobileEventApp")).equals("MobileEventApp")) {
            Log.d(str, "--> passed");
        } else {
            Log.e(str, "--> failed");
        }
    }

    public static void createKey() {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            mKeyStore = keyStore;
            keyStore.load(null);
            if (mKeyStore.containsAlias(MEA_ALIAS)) {
                return;
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar.add(11, -26);
            calendar2.add(1, 10);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEYSTORE);
            KeyguardManager keyguardManager = (KeyguardManager) Controller.getInstance().getCurrentApplication().getSystemService("keyguard");
            if (Build.VERSION.SDK_INT < 23) {
                KeyPairGeneratorSpec.Builder builder = new KeyPairGeneratorSpec.Builder(Controller.getInstance().getCurrentApplication());
                builder.setAlias(MEA_ALIAS).setSubject(new X500Principal("CN=plazz AG, O=Mobile Event App")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
                if (keyguardManager != null && keyguardManager.isKeyguardSecure()) {
                    builder.setEncryptionRequired();
                }
                keyPairGenerator.initialize(builder.build());
            } else {
                KeyGenParameterSpec.Builder randomizedEncryptionRequired = new KeyGenParameterSpec.Builder(MEA_ALIAS, 3).setCertificateSubject(new X500Principal("CN=plazz AG, O=Mobile Event App")).setCertificateSerialNumber(BigInteger.ONE).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("OAEPPadding").setKeyValidityStart(calendar.getTime()).setKeyValidityEnd(calendar2.getTime()).setKeySize(4096).setRandomizedEncryptionRequired(true);
                if (!GlobalPreferences.getInstance().isKeystoreFailed()) {
                    randomizedEncryptionRequired.setUserAuthenticationRequired(keyguardManager.isDeviceSecure()).setUserAuthenticationValidityDurationSeconds(LAST_UNLOCK_DURATION);
                }
                keyPairGenerator.initialize(randomizedEncryptionRequired.build());
            }
            keyPairGenerator.generateKeyPair();
            checkKeystoreFunctionality();
        } catch (Exception e) {
            Log.ex(e);
        }
    }

    public static String decryptString(String str) {
        try {
            if (mKeyStore == null) {
                mKeyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            }
            mKeyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) mKeyStore.getEntry(MEA_ALIAS, null);
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
            if (str.equals("EXCEPTION")) {
                throw new KeyStoreException();
            }
            if (privateKeyEntry == null) {
                return "";
            }
            cipher.init(2, privateKeyEntry.getPrivateKey(), oAEPParameterSpec);
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i = 0; i < size; i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            return new String(bArr, 0, size, "UTF-8");
        } catch (Exception e) {
            Sentry.addBreadcrumb("KeyStore", e.getMessage());
            if ((e instanceof UserNotAuthenticatedException) || ((e instanceof InvalidKeyException) && !GlobalPreferences.getInstance().isKeystoreFailed())) {
                Log.e(TAG, "UserNotAuthenticatedException: " + e.getMessage());
                GlobalPreferences.getInstance().setKeystoreFailed(true);
                deleteKey();
                createKey();
            } else {
                Sentry.addBreadcrumb("KeyStore", "Do CleanUp and Restart!");
                Sentry.captureEvent(new Sentry.SentryEventBuilder().setMessage(e.getMessage()).setTimestamp(System.currentTimeMillis()).setException(e.fillInStackTrace()).setLevel(Sentry.SentryEventLevel.ERROR));
                doCleanUpAndRestart();
            }
            return "";
        }
    }

    public static void deleteKey() {
        UserManager.INSTANCE.switchUser(Const.STANDARD_USER);
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            keyStore.deleteEntry(MEA_ALIAS);
        } catch (Exception e) {
            Log.e(TAG, "delete Key failed");
            Log.ex(e);
        }
    }

    public static void doCleanUpAndRestart() {
        final Application currentApplication = Controller.getInstance().getCurrentApplication();
        try {
            if (currentApplication != null) {
                PackageManager packageManager = currentApplication.getPackageManager();
                if (packageManager != null) {
                    final Intent launchIntentForPackage = packageManager.getLaunchIntentForPackage(currentApplication.getPackageName());
                    if (launchIntentForPackage == null) {
                        Log.e(TAG, "Was not able to restart application, mStartActivity null");
                    } else if (Controller.getInstance().getCurrentApplication() != null) {
                        AlertDialog.Builder builder = new AlertDialog.Builder(Controller.getInstance().getCurrentApplication());
                        builder.setTitle(currentApplication.getString(R.string.decryption_error_title));
                        builder.setMessage(currentApplication.getString(R.string.decryption_error_text));
                        builder.setCancelable(false);
                        builder.setPositiveButton(currentApplication.getString(R.string.decryption_error_btn), new DialogInterface.OnClickListener() { // from class: net.plazz.mea.util.-$$Lambda$KeyStoreHelper$wnyk1fK20lj4DnMW2UMfjx9Alrg
                            @Override // android.content.DialogInterface.OnClickListener
                            public final void onClick(DialogInterface dialogInterface, int i) {
                                KeyStoreHelper.lambda$doCleanUpAndRestart$0(launchIntentForPackage, currentApplication, dialogInterface, i);
                            }
                        });
                        builder.create().show();
                    }
                } else {
                    Log.e(TAG, "Was not able to restart application, PM null");
                }
            } else {
                Log.e(TAG, "Was not able to restart application, Context null");
            }
        } catch (Exception e) {
            Log.e(TAG, "Was not able to restart application");
            Log.ex(e);
        }
    }

    public static String encryptString(String str) {
        try {
            if (mKeyStore == null) {
                mKeyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            }
            mKeyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) mKeyStore.getEntry(MEA_ALIAS, null);
            if (str.isEmpty()) {
                Log.e(TAG, "Error: textToEncrypt is empty");
                return "";
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(1, privateKeyEntry.getCertificate().getPublicKey(), new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes("UTF-8"));
            cipherOutputStream.close();
            return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
        } catch (Exception e) {
            Log.ex(e);
            return "";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$doCleanUpAndRestart$0(Intent intent, Context context, DialogInterface dialogInterface, int i) {
        intent.addFlags(67108864);
        ((AlarmManager) context.getSystemService(NotificationCompat.CATEGORY_ALARM)).set(1, System.currentTimeMillis() + 100, PendingIntent.getActivity(context, 223344, intent, 335544320));
        System.exit(2);
        ((ActivityManager) context.getSystemService("activity")).clearApplicationUserData();
    }
}
