package com.otp.otp_library.key;

import android.os.AsyncTask;
import android.util.Base64;
import com.otp.otp_library.utilis.Constants;
import com.otp.otp_library.utilis.Log;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Enumeration;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.io.IOUtils;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.jce.X509KeyUsage;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.bouncycastle.x509.extension.AuthorityKeyIdentifierStructure;
import org.bouncycastle.x509.extension.SubjectKeyIdentifierStructure;

/* loaded from: classes2.dex */
public class KeyManagement {
    public static final String TAG = "KeyManagement";
    private KeyStore keyStore;
    private PrivateKey mPrivateKey;
    private X509Certificate mX509Certificate;
    private KeyManagementCallback managementCallback;

    /* loaded from: classes2.dex */
    private class GenerateKeys extends AsyncTask<Void, String, Boolean> {
        String alias;

        GenerateKeys(String str) {
            this.alias = str;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Boolean doInBackground(Void... voidArr) {
            try {
                if (KeyManagement.this.keyStore == null) {
                    return false;
                }
                if (KeyManagement.this.keyStore.containsAlias(this.alias)) {
                    throw new Exception(Constants.KEYSTORE_ERROR);
                }
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                if (Constants.UIDAI_TEST_CASE_4_DEVICE_KEY_ROTATION) {
                    calendar2.add(12, 2);
                } else {
                    calendar2.add(11, 648);
                }
                KeyPair generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
                X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
                X500Principal x500Principal = new X500Principal("CN=Integra Micro System Pvt Ltd, C=IN, O=Integra Micro System Pvt Ltd, OU=iMFAST, ST=Karnataka");
                x509V3CertificateGenerator.setSerialNumber(BigInteger.ONE);
                x509V3CertificateGenerator.setIssuerDN(x500Principal);
                x509V3CertificateGenerator.setNotBefore(calendar.getTime());
                x509V3CertificateGenerator.setNotAfter(calendar2.getTime());
                x509V3CertificateGenerator.setSubjectDN(x500Principal);
                x509V3CertificateGenerator.setPublicKey(generateKeyPair.getPublic());
                x509V3CertificateGenerator.setSignatureAlgorithm(Constants.SIGN_ALGORITHM);
                x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extensions.BasicConstraints, true, (ASN1Encodable) new BasicConstraints(true));
                x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extensions.AuthorityKeyIdentifier, false, (ASN1Encodable) new AuthorityKeyIdentifierStructure(generateKeyPair.getPublic()));
                x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extensions.SubjectKeyIdentifier, false, (ASN1Encodable) new SubjectKeyIdentifierStructure(generateKeyPair.getPublic()));
                x509V3CertificateGenerator.addExtension((DERObjectIdentifier) X509Extension.keyUsage, true, (ASN1Encodable) new X509KeyUsage(6));
                KeyManagement.this.mX509Certificate = x509V3CertificateGenerator.generate(generateKeyPair.getPrivate());
                KeyManagement.this.mPrivateKey = generateKeyPair.getPrivate();
                Log.d(KeyManagement.TAG, "Key generated successfully");
                return true;
            } catch (Exception e) {
                e.printStackTrace();
                return false;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(Boolean bool) {
            super.onPostExecute((GenerateKeys) bool);
            KeyManagement.this.managementCallback.keyRotationStatus(bool.booleanValue());
        }
    }

    /* loaded from: classes2.dex */
    public interface KeyManagementCallback {
        void keyRotationStatus(boolean z);
    }

    public KeyManagement() {
        try {
            this.keyStore = KeyStore.getInstance(Constants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            this.keyStore.load(null);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public KeyManagement(KeyManagementCallback keyManagementCallback) {
        this.managementCallback = keyManagementCallback;
        try {
            this.keyStore = KeyStore.getInstance(Constants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            this.keyStore.load(null);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public boolean checkValidity(String str) {
        try {
            this.keyStore = KeyStore.getInstance(Constants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            this.keyStore.load(null);
            if (this.keyStore.containsAlias(str)) {
                ((X509Certificate) this.keyStore.getCertificate(str)).checkValidity(Calendar.getInstance().getTime());
                return true;
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return Constants.UIDAI_TEST_CASE_4_DEVICE_KEY_ROTATION;
    }

    public void createNewKeys(String str) throws Exception {
        new GenerateKeys(str).execute(new Void[0]);
    }

    public void deleteAllKeys() {
        try {
            Enumeration<String> aliases = this.keyStore.aliases();
            while (aliases.hasMoreElements()) {
                this.keyStore.deleteEntry(aliases.nextElement());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public boolean deleteKey(String str) throws Exception {
        if (this.keyStore.containsAlias(str)) {
            Log.d(TAG, "alias : " + str);
            this.keyStore.deleteEntry(str);
        }
        return true;
    }

    public String getPublicKeyEncodedFormat(String str, boolean z) {
        if (!z) {
            try {
                this.mX509Certificate = (X509Certificate) this.keyStore.getCertificate(str);
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }
        this.keyStore.load(null);
        if (this.mX509Certificate == null) {
            return null;
        }
        String encodeToString = Base64.encodeToString(this.mX509Certificate.getEncoded(), 2);
        Log.d(TAG, "encodedCert :\n" + encodeToString);
        return z ? Constants.CERT_BEGIN + IOUtils.LINE_SEPARATOR_UNIX + encodeToString + IOUtils.LINE_SEPARATOR_UNIX + Constants.CERT_END : encodeToString;
    }

    public boolean importSignedPublicKey(String str, String str2) throws Exception {
        this.keyStore.setKeyEntry(str, this.mPrivateKey, null, new Certificate[]{(X509Certificate) CertificateFactory.getInstance(Constants.CERTIFICATE_TYPE).generateCertificate(new ByteArrayInputStream(Base64.decode(str2, 2)))});
        return true;
    }

    public boolean isKeyAvailable(String str) {
        try {
            this.keyStore = KeyStore.getInstance(Constants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            this.keyStore.load(null);
            return this.keyStore.containsAlias(str);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }
}
