package com.xiaomi.passport.utils;

import android.text.TextUtils;
import android.util.Base64;
import com.xiaomi.accountsdk.account.exception.CryptoException;
import com.xiaomi.accountsdk.request.CipherException;
import com.xiaomi.accountsdk.utils.AESCoder;
import com.xiaomi.accountsdk.utils.RSACoder;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

/* loaded from: classes2.dex */
public class PassportEnvEncryptUtils {
    private static final String SYMMETRIC_ALGORITHM = "AES";

    /* loaded from: classes2.dex */
    public static class EncryptException extends Exception {
        public EncryptException(Throwable th) {
            super(th);
        }
    }

    /* loaded from: classes2.dex */
    public static class EncryptResult {
        public String content;
        public String encryptedKey;
    }

    /* loaded from: classes2.dex */
    public static class EncryptResultWithIv extends EncryptResult {
        public byte[] iv;
    }

    private static String aesEncrypt(String str, SecretKey secretKey, byte[] bArr) throws EncryptException {
        try {
            return new AESCoder(secretKey.getEncoded()).encryptWithIv(str, bArr);
        } catch (CipherException e) {
            throw new EncryptException(e);
        }
    }

    @Deprecated
    public static EncryptResult encrypt(String str) throws EncryptException {
        return encryptWithIv(str, AESCoder.DEFAULT_IV);
    }

    public static EncryptResult encrypt(String[] strArr) throws EncryptException {
        return encrypt(TextUtils.join(":", strArr));
    }

    public static EncryptResultWithIv encryptWithChangingIv(String str) throws EncryptException {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return encryptWithIv(str, bArr);
    }

    private static EncryptResultWithIv encryptWithIv(String str, byte[] bArr) throws EncryptException {
        EncryptResultWithIv encryptResultWithIv = new EncryptResultWithIv();
        encryptResultWithIv.iv = (byte[]) bArr.clone();
        SecretKey generateSymmetricKey = generateSymmetricKey();
        try {
            String encodeToString = Base64.encodeToString(RSACoder.encrypt(Base64.encode(generateSymmetricKey.getEncoded(), 10), RSACoder.getCertificatePublicKey("-----BEGIN CERTIFICATE-----\nMIICDzCCAXigAwIBAgIEWBw0IzANBgkqhkiG9w0BAQUFADBMMQswCQYDVQQGEwJD\nTjEPMA0GA1UEChMGeGlhb21pMQ8wDQYDVQQLEwZ4aWFvbWkxGzAZBgNVBAMTEmFj\nY291bnQueGlhb21pLmNvbTAeFw0xNjExMDQwNzA5MjNaFw0xNzExMDQwNzA5MjNa\nMEwxCzAJBgNVBAYTAkNOMQ8wDQYDVQQKEwZ4aWFvbWkxDzANBgNVBAsTBnhpYW9t\naTEbMBkGA1UEAxMSYWNjb3VudC54aWFvbWkuY29tMIGfMA0GCSqGSIb3DQEBAQUA\nA4GNADCBiQKBgQCHcPEm9Wo8/LWHL8mohOV5YalTgZLzng+nWCEkIRP//6GohYlI\nh3dvGpueJvQ3Sany/3dLx0x6MQKA34NxRyoO37R/LgPZUfe6eWzHQeColBBHxTED\nbCqDh46Gv5vogjqHRl4+q2WGCmZOIfmPjNHQWG8sMIZyTqFCLc6gk9vSewIDAQAB\nMA0GCSqGSIb3DQEBBQUAA4GBAHaPnscaxSPh0N0Z5OgQ6PcWr5uYPLMweatYGZRH\nSFxwSqYXpqIowuRxmrBj+oE5rG5rzFCtNjCBoeMVy/7JXZr9Juaw9NCWaTaqrmIV\nP4nK/0kizCvkx3088OOCGextGeZUC9/PCbVUEcRvGLwSrvgqiC1KG4ufeIdQWBaJ\n8ZlG\n-----END CERTIFICATE-----\n")), 10);
            encryptResultWithIv.content = aesEncrypt(str, generateSymmetricKey, encryptResultWithIv.iv);
            encryptResultWithIv.encryptedKey = encodeToString;
            return encryptResultWithIv;
        } catch (CryptoException e) {
            throw new EncryptException(e);
        }
    }

    private static SecretKey generateSymmetricKey() throws EncryptException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(SYMMETRIC_ALGORITHM);
            keyGenerator.init(new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new EncryptException(e);
        }
    }
}
