package com.backbase.android.utils.crypto;

import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.RequiresApi;
import com.backbase.android.Backbase;
import com.backbase.android.core.utils.BBLogger;
import com.backbase.android.core.utils.DoNotObfuscate;
import com.backbase.android.plugins.storage.persistent.EncryptedStorage;
import com.backbase.android.plugins.storage.persistent.EncryptedStorageComponent;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;

@DoNotObfuscate
/* loaded from: classes4.dex */
public class BBPKIUtils {
    public static final String CURVE_NAME = "secp256r1";
    public static final String KEY_PAIR_ALG = "EC";
    public static final String PUBLIC_KEY_EXPORT_FORMAT = "ALG_KEY_ECC_X962_DER";
    public static final String SIGNATURE_ALG = "SHA256withECDSA";
    public static final String SIGNATURE_FORMAT = "ALG_SIGN_SECP256R1_ECDSA_SHA256_DER";
    private static final String TAG = "BBPKIUtils";
    public static final String UNABLE_TO_LOAD_KEY_STORE = "Unable to load KeyStore";
    private static final String UNABLE_TO_SIGN = "Unable to sign data";
    private static BBPKIUtils instance;
    private static BBPKIUtils unsealedInstance;
    public rk.c storage;

    /* loaded from: classes4.dex */
    public static final class a extends RuntimeException {
        public a(@NonNull String str) {
            super("Alias \"" + str + "\" is not valid.");
        }
    }

    /* loaded from: classes4.dex */
    public static final class b extends RuntimeException {
        public b(@NonNull String str) {
            super("Key pair " + str + " is already stored in the KeyStore.");
        }
    }

    /* loaded from: classes4.dex */
    public static final class c extends RuntimeException {
        public c(@NonNull String str) {
            super("No key pair with alias " + str + " is stored in the KeyStore.");
        }
    }

    private BBPKIUtils() {
    }

    @NonNull
    @RequiresApi(23)
    public static BBPKIUtils getInstance() {
        if (instance == null) {
            BBPKIUtils bBPKIUtils = new BBPKIUtils();
            instance = bBPKIUtils;
            bBPKIUtils.storage = new rk.a();
        }
        return instance;
    }

    @Nullable
    public static Signature getSignatureObjectFromPrivateKey(@NonNull byte[] bArr) {
        try {
            PrivateKey generatePrivate = KeyFactory.getInstance(KEY_PAIR_ALG).generatePrivate(new PKCS8EncodedKeySpec(bArr));
            Signature signature = Signature.getInstance(SIGNATURE_ALG);
            signature.initSign(generatePrivate);
            return signature;
        } catch (GeneralSecurityException e11) {
            BBLogger.error(TAG, e11, UNABLE_TO_SIGN);
            return null;
        }
    }

    @Nullable
    public static byte[] getSignatureOfByteArray(@NonNull Signature signature, @NonNull byte[] bArr) {
        try {
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e11) {
            BBLogger.error(TAG, e11, UNABLE_TO_SIGN);
            return null;
        }
    }

    @NonNull
    public static BBPKIUtils getUnsealedInstance() {
        if (unsealedInstance == null) {
            BBPKIUtils bBPKIUtils = new BBPKIUtils();
            unsealedInstance = bBPKIUtils;
            bBPKIUtils.storage = new rk.b((EncryptedStorageComponent) ((EncryptedStorage) Backbase.getInstance().getRegisteredPlugin(EncryptedStorage.class)).getStorageComponent());
        }
        return unsealedInstance;
    }

    public boolean deleteKeyPair(@NonNull String str) {
        return this.storage.d(str);
    }

    public boolean generateKeyPair(@NonNull String str) {
        return this.storage.a(str);
    }

    public boolean generateKeyPair(@NonNull String str, boolean z11) {
        return this.storage.b(str, z11);
    }

    @Nullable
    public byte[] getPrivateKey(@NonNull String str) {
        return this.storage.g(str).getEncoded();
    }

    @Nullable
    public byte[] getPublicKey(@NonNull String str) {
        return this.storage.f(str).getEncoded();
    }

    @Nullable
    public Signature getSignatureObject(@NonNull String str) {
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALG);
            signature.initSign(this.storage.g(str));
            return signature;
        } catch (GeneralSecurityException e11) {
            BBLogger.error(TAG, e11, UNABLE_TO_SIGN);
            return null;
        }
    }

    public boolean hasKeyPair(@NonNull String str) {
        return this.storage.c(str);
    }

    public boolean hasKeyPairInsideSecurityHardware(@NonNull String str) {
        return this.storage.e(str);
    }

    public boolean isKeyPairValid(@NonNull String str) {
        try {
            Signature.getInstance(SIGNATURE_ALG).initSign(this.storage.g(str));
            return true;
        } catch (GeneralSecurityException unused) {
            return false;
        }
    }

    public boolean verifySignature(@NonNull String str, @NonNull String str2, @NonNull byte[] bArr) {
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALG);
            signature.initVerify(this.storage.f(str));
            signature.update(str2.getBytes());
            return signature.verify(qk.a.c(new String(bArr)));
        } catch (Exception e11) {
            BBLogger.error(TAG, e11, UNABLE_TO_SIGN);
            return false;
        }
    }
}
