package com.lenovo.stv.ail.login.util;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.bumptech.glide.load.model.stream.g;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.e0;
import kotlin.jvm.internal.f0;
import kotlin.jvm.internal.u;
import kotlin.text.d;
import org.jetbrains.annotations.NotNull;

@e0
/* loaded from: classes2.dex */
public final class KeyStoreHelper {

    @NotNull
    private static final String AES_MODE = "AES/GCM/NoPadding";

    @NotNull
    public static final Companion Companion = new Companion(null);

    @NotNull
    private static final String KEYSTORE_ALIAS = "AIL_LOGIN_SDK";

    @NotNull
    private static final String KEYSTORE_PROVIDER = "AndroidKeyStore";

    @NotNull
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";

    @NotNull
    private static final String TAG = "KEYSTORE";

    @NotNull
    private final Context context;
    private final KeyStore keyStore;

    @NotNull
    private final String ksAlias;

    @NotNull
    private final LoginSpHelper prefsHelper;

    @e0
    /* loaded from: classes2.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(u uVar) {
            this();
        }
    }

    public KeyStoreHelper(@NotNull Context context, @NotNull LoginSpHelper prefsHelper) {
        f0.f(context, "context");
        f0.f(prefsHelper, "prefsHelper");
        this.context = context;
        this.prefsHelper = prefsHelper;
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
        this.keyStore = keyStore;
        String i4 = f0.i(context.getPackageName(), "AIL_LOGIN_SDK_");
        this.ksAlias = i4;
        try {
            keyStore.load(null);
            if (keyStore.containsAlias(i4) && !TextUtils.isEmpty(prefsHelper.getIV()) && !TextUtils.isEmpty(prefsHelper.getAESKey())) {
                Log.w(TAG, "init() called, ksAlias is exist.");
            }
            prefsHelper.setIV("");
            genKeyStoreKey();
            genAESKey();
        } catch (Exception e4) {
            Log.e(TAG, "KeyStore init failed: ", e4);
            e4.printStackTrace();
        }
    }

    private final String decryptAES(String str) {
        Charset charset = d.f6054a;
        byte[] bytes = str.getBytes(charset);
        f0.e(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] decode = Base64.decode(bytes, 0);
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(2, getAESKey(), new IvParameterSpec(getIV()));
        byte[] doFinal = cipher.doFinal(decode);
        f0.e(doFinal, "cipher.doFinal(decodedBytes)");
        return new String(doFinal, charset);
    }

    private final byte[] decryptRSA(String str) {
        Key key = this.keyStore.getKey(this.ksAlias, null);
        if (key == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
        }
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(2, (PrivateKey) key);
        byte[] doFinal = cipher.doFinal(Base64.decode(str, 0));
        f0.e(doFinal, "cipher.doFinal(encryptedBytes)");
        return doFinal;
    }

    private final String encryptAES(String str) {
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(1, getAESKey(), new IvParameterSpec(getIV()));
        byte[] bytes = str.getBytes(d.f6054a);
        f0.e(bytes, "this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        f0.e(encodeToString, "encodeToString(encryptedBytes, Base64.DEFAULT)");
        return encodeToString;
    }

    private final String encryptRSA(byte[] bArr) {
        PublicKey publicKey = this.keyStore.getCertificate(this.ksAlias).getPublicKey();
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, publicKey);
        String encodeToString = Base64.encodeToString(cipher.doFinal(bArr), 0);
        f0.e(encodeToString, "encodeToString(encryptedByte, Base64.DEFAULT)");
        return encodeToString;
    }

    private final void genAESKey() {
        byte[] bArr = new byte[16];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextBytes(bArr);
        String iv = Base64.encodeToString(secureRandom.generateSeed(12), 0);
        LoginSpHelper loginSpHelper = this.prefsHelper;
        f0.e(iv, "iv");
        loginSpHelper.setIV(iv);
        this.prefsHelper.setAESKey(encryptRSA(bArr));
    }

    private final void genKeyStoreKey() {
        AlgorithmParameterSpec build;
        String str;
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
        if (Build.VERSION.SDK_INT >= 23) {
            g.z();
            digests = g.i(this.ksAlias).setDigests("SHA-256", "SHA-512");
            encryptionPaddings = digests.setEncryptionPaddings("PKCS1Padding");
            build = encryptionPaddings.build();
            str = "{\n            KeyGenPara…       .build()\n        }";
        } else {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(this.ksAlias).setSubject(new X500Principal(f0.i(this.ksAlias, "CN="))).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            str = "{\n            val start …       .build()\n        }";
        }
        f0.e(build, str);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private final SecretKeySpec getAESKey() {
        return new SecretKeySpec(decryptRSA(this.prefsHelper.getAESKey()), AES_MODE);
    }

    private final byte[] getIV() {
        byte[] decode = Base64.decode(this.prefsHelper.getIV(), 0);
        f0.e(decode, "decode(prefIV, Base64.DEFAULT)");
        return decode;
    }

    @NotNull
    public final String decrypt(@NotNull String encryptedText) {
        f0.f(encryptedText, "encryptedText");
        if (TextUtils.isEmpty(encryptedText)) {
            return "";
        }
        try {
            return decryptAES(encryptedText);
        } catch (Exception e4) {
            Log.d(TAG, Log.getStackTraceString(e4));
            return "";
        }
    }

    @NotNull
    public final String encrypt(@NotNull String plainText) {
        f0.f(plainText, "plainText");
        if (TextUtils.isEmpty(plainText)) {
            return "";
        }
        try {
            return encryptAES(plainText);
        } catch (Exception e4) {
            Log.d(TAG, Log.getStackTraceString(e4));
            return "";
        }
    }
}
