package cn.com.chinatelecom.account.util.security.keystore;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import cn.com.chinatelecom.account.util.al;
import cn.com.chinatelecom.account.util.security.keystore.b;
import cn.com.chinatelecom.account.util.w;
import com.corp21cn.ads.util.AdUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;
import org.eclipse.paho.client.mqttv3.MqttTopic;

/* compiled from: RSACipherManager.java */
@TargetApi(18)
/* loaded from: classes.dex */
public class d implements b {
    protected String a;
    protected String b;
    private Context c;
    private Cipher d;
    private byte[] e;
    private String f;
    private KeyStore g;

    @TargetApi(18)
    public d(b.a aVar) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, NoSuchPaddingException {
        this.c = aVar.e;
        this.f = aVar.d;
        this.a = aVar.b;
        this.b = aVar.c;
        c();
        d();
    }

    @Override // cn.com.chinatelecom.account.util.security.keystore.b
    public String a(String str) throws KeyStoreException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, CertificateException {
        if (!b() && !b()) {
            a();
        }
        this.d.init(1, this.g.getCertificate(this.f).getPublicKey());
        this.e = this.d.getIV();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, this.d);
        cipherOutputStream.write(str.getBytes(AdUtil.AD_ENCODING));
        cipherOutputStream.close();
        return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 2);
    }

    public void a() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException, KeyStoreException {
        if (this.g == null) {
            try {
                c();
            } catch (IOException e) {
                e.printStackTrace();
                w.b("RSACipherManger" + e);
            } catch (CertificateException e2) {
                e2.printStackTrace();
                w.b("RSACipherManger" + e2);
            } catch (Exception e3) {
                w.b("RSACipherManger" + e3);
            }
        }
        if (this.g.containsAlias(this.f)) {
            return;
        }
        e();
        if ("true".equals(al.a("test_hasCreateNewKey", ""))) {
            f.a(this.c, "", "TEST2_CREAT_A_NEW_KEY_AGAIN");
        } else {
            f.a(this.c, "", "TEST2_CREAT_A_NEW_KEY");
        }
        al.b("test_hasCreateNewKey", "true");
    }

    @Override // cn.com.chinatelecom.account.util.security.keystore.b
    public void a(byte[] bArr) {
        this.e = bArr;
    }

    @Override // cn.com.chinatelecom.account.util.security.keystore.b
    public String b(String str) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchPaddingException, InvalidKeyException, IOException, InvalidAlgorithmParameterException {
        this.d.init(2, (PrivateKey) this.g.getKey(this.f, null));
        this.e = this.d.getIV();
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 2)), this.d);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                byteArrayOutputStream.close();
                return byteArrayOutputStream.toString(AdUtil.AD_ENCODING);
            }
            byteArrayOutputStream.write(read);
        }
    }

    public boolean b() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, NoSuchPaddingException {
        if (this.g == null) {
            c();
        }
        return this.g.containsAlias(this.f);
    }

    public void c() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException {
        this.g = KeyStore.getInstance("AndroidKeyStore");
        this.g.load(null);
    }

    public void d() throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException {
        this.d = Cipher.getInstance("RSA/" + this.a + MqttTopic.TOPIC_LEVEL_SEPARATOR + this.b, "AndroidOpenSSL");
    }

    public void e() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException, KeyStoreException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 100);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(this.c).setAlias(this.f).setSubject(new X500Principal("CN=CipherManager")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
        keyPairGenerator.generateKeyPair();
    }

    @Override // cn.com.chinatelecom.account.util.security.keystore.b
    public byte[] f() {
        return this.e;
    }
}
