package org.chromium.android_webview;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import android.util.Log;
import com.baidu.android.common.security.RSAUtil;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class ZwEncryptionHelper {
    private final Context mContext;
    private String mPrivateKeyFile;
    private String mPublicKeyFile;
    private SharedPreferences mSharedPreferences;
    private final String TAG = "ZwEncryptionHelper";
    private final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
    private final String ALGORITHM = "RSA/ECB/PKCS1Padding";
    private final String TEST_STRING = "SnapdragonWebEngine";
    private final String ENCRYPTION_KEY = "AwENCRYPTION_KEY";
    private final String PBE_ALGORITHM = "PBEWithSHAAndTwofish-CBC";
    private final int ITERATIONS = 1001;
    private final int KEY_VERSION = 1;
    private PrivateKey mPrivateKey = null;
    private PublicKey mPublicKey = null;
    private boolean mKeysLoaded = false;
    private String mPw = "R$^2024";

    public ZwEncryptionHelper(Context context, SharedPreferences sharedPreferences) {
        this.mPublicKeyFile = "bdkspub";
        this.mPrivateKeyFile = "bdks";
        this.mContext = context;
        this.mSharedPreferences = sharedPreferences;
        this.mPublicKeyFile = this.mContext.getApplicationInfo().dataDir + "/" + this.mPublicKeyFile;
        this.mPrivateKeyFile = this.mContext.getApplicationInfo().dataDir + "/" + this.mPrivateKeyFile;
        validatePasswordProtectionKeys();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void generatePasswordKeyPair() {
        try {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 1);
            if (Build.VERSION.SDK_INT >= 18) {
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.mContext).setAlias("AwENCRYPTION_KEY").setSubject(new X500Principal(String.format("CN=%s, OU=%s", "AwENCRYPTION_KEY", this.mContext.getPackageName()))).setSerialNumber(BigInteger.valueOf(1L)).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSAUtil.ALGORITHM_RSA, "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                this.mPrivateKey = generateKeyPair.getPrivate();
                this.mPublicKey = generateKeyPair.getPublic();
            } else {
                RSAKeyGenParameterSpec rSAKeyGenParameterSpec = new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4);
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(RSAUtil.ALGORITHM_RSA);
                keyPairGenerator2.initialize(rSAKeyGenParameterSpec);
                KeyPair generateKeyPair2 = keyPairGenerator2.generateKeyPair();
                this.mPrivateKey = generateKeyPair2.getPrivate();
                this.mPublicKey = generateKeyPair2.getPublic();
                saveKeyPair(generateKeyPair2.getPublic(), generateKeyPair2.getPrivate());
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, this.mPublicKey);
            byte[] doFinal = cipher.doFinal(new String("SnapdragonWebEngine").getBytes());
            if (doFinal != null) {
                this.mSharedPreferences.edit().putString("SnapdragonWebEngine", new String(Base64.encode(doFinal, 0))).commit();
            }
            this.mKeysLoaded = true;
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Failed to generate key pair for password protection: " + e);
            this.mPrivateKey = null;
            this.mPublicKey = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isPasswordKeyPairValid() {
        String string;
        if (this.mPrivateKey == null || this.mPublicKey == null || (string = this.mSharedPreferences.getString("SnapdragonWebEngine", null)) == null) {
            return false;
        }
        try {
            byte[] decode = Base64.decode(string.getBytes(), 0);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, this.mPrivateKey);
            return new String(cipher.doFinal(decode)).equals("SnapdragonWebEngine");
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Failed to correctly decrypt TEST_STRING: " + e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean loadPasswordKeyPair() {
        if (this.mKeysLoaded) {
            return true;
        }
        try {
            if (Build.VERSION.SDK_INT >= 18) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("AwENCRYPTION_KEY", null);
                if (privateKeyEntry != null) {
                    this.mPublicKey = privateKeyEntry.getCertificate().getPublicKey();
                    this.mPrivateKey = privateKeyEntry.getPrivateKey();
                    this.mKeysLoaded = true;
                }
            } else {
                FileInputStream fileInputStream = new FileInputStream(this.mPublicKeyFile);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                while (true) {
                    int read = fileInputStream.read();
                    if (read == -1) {
                        break;
                    }
                    byteArrayOutputStream.write(read);
                }
                fileInputStream.close();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(byteArray);
                KeyFactory keyFactory = KeyFactory.getInstance(RSAUtil.ALGORITHM_RSA);
                PublicKey generatePublic = keyFactory.generatePublic(x509EncodedKeySpec);
                if (generatePublic == null) {
                    Log.e("ZwEncryptionHelper", "Public key not found.");
                    return false;
                }
                this.mPublicKey = generatePublic;
                FileInputStream fileInputStream2 = new FileInputStream(this.mPrivateKeyFile);
                ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
                while (true) {
                    int read2 = fileInputStream2.read();
                    if (read2 == -1) {
                        break;
                    }
                    byteArrayOutputStream2.write(read2);
                }
                fileInputStream2.close();
                byte[] byteArray2 = byteArrayOutputStream2.toByteArray();
                byteArrayOutputStream2.close();
                PrivateKey generatePrivate = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(passwordDecryptBytes(this.mPw.toCharArray(), byteArray2)));
                if (generatePrivate == null) {
                    Log.e("ZwEncryptionHelper", "Private key not found.");
                    return false;
                }
                this.mPrivateKey = generatePrivate;
                this.mKeysLoaded = true;
            }
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Failed to load key pair for password protection from keystore: " + e);
        }
        return this.mKeysLoaded;
    }

    private byte[] passwordDecryptBytes(char[] cArr, byte[] bArr) {
        byte[] bArr2 = new byte[8];
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        byteArrayInputStream.read(bArr2, 0, 8);
        byte[] bArr3 = new byte[bArr.length - 8];
        byteArrayInputStream.read(bArr3, 0, bArr3.length);
        try {
            SecretKey generateSecret = SecretKeyFactory.getInstance("PBEWithSHAAndTwofish-CBC").generateSecret(new PBEKeySpec(cArr));
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr2, 1001);
            Cipher cipher = Cipher.getInstance("PBEWithSHAAndTwofish-CBC");
            cipher.init(2, generateSecret, pBEParameterSpec);
            return cipher.doFinal(bArr3);
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Failed to decrypt bytes with PBE: " + e);
            return null;
        }
    }

    private byte[] passwordEncryptBytes(char[] cArr, byte[] bArr) {
        byte[] bArr2 = new byte[8];
        new Random().nextBytes(bArr2);
        try {
            SecretKey generateSecret = SecretKeyFactory.getInstance("PBEWithSHAAndTwofish-CBC").generateSecret(new PBEKeySpec(cArr));
            PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(bArr2, 1001);
            Cipher cipher = Cipher.getInstance("PBEWithSHAAndTwofish-CBC");
            cipher.init(1, generateSecret, pBEParameterSpec);
            byte[] doFinal = cipher.doFinal(bArr);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byteArrayOutputStream.write(bArr2);
            byteArrayOutputStream.write(doFinal);
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Failed to encrypt bytes with PBE: " + e);
            return null;
        }
    }

    private boolean saveKeyPair(PublicKey publicKey, PrivateKey privateKey) {
        if (privateKey == null || publicKey == null) {
            return false;
        }
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.mPublicKeyFile);
            fileOutputStream.write(publicKey.getEncoded());
            fileOutputStream.close();
            FileOutputStream fileOutputStream2 = new FileOutputStream(this.mPrivateKeyFile);
            fileOutputStream2.write(passwordEncryptBytes(this.mPw.toCharArray(), privateKey.getEncoded()));
            fileOutputStream2.close();
            return true;
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Failed to save public key: " + e);
            return false;
        }
    }

    private void validatePasswordProtectionKeys() {
        new Thread(new Runnable() { // from class: org.chromium.android_webview.ZwEncryptionHelper.1
            @Override // java.lang.Runnable
            public void run() {
                synchronized (this) {
                    if (!ZwEncryptionHelper.this.loadPasswordKeyPair() || !ZwEncryptionHelper.this.isPasswordKeyPairValid()) {
                        ZwSettings.clearPasswords();
                        ZwEncryptionHelper.this.generatePasswordKeyPair();
                    }
                }
            }
        }).start();
    }

    public byte[] decrypt(byte[] bArr) {
        int i;
        synchronized (this) {
            if (!this.mKeysLoaded) {
                generatePasswordKeyPair();
            }
        }
        if (this.mPrivateKey == null || bArr == null || bArr.length == 0) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, this.mPrivateKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int length = bArr.length;
            int blockSize = cipher.getBlockSize();
            if (blockSize == 0) {
                i = 0;
                blockSize = length;
            } else {
                i = 0;
            }
            while (i < length) {
                byteArrayOutputStream.write(cipher.doFinal(Arrays.copyOfRange(bArr, i, (length - i < blockSize ? length % blockSize : blockSize) + i)));
                i += blockSize;
            }
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Decryption failed: " + e);
            return null;
        }
    }

    public byte[] encrypt(byte[] bArr) {
        int i;
        byte[] bArr2 = null;
        synchronized (this) {
            if (!this.mKeysLoaded) {
                generatePasswordKeyPair();
            }
        }
        if (this.mPublicKey == null || bArr == null || bArr.length == 0) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, this.mPublicKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int length = bArr.length;
            int blockSize = cipher.getBlockSize();
            if (blockSize == 0) {
                i = 0;
                blockSize = length;
            } else {
                i = 0;
            }
            while (i < length) {
                byte[] copyOfRange = Arrays.copyOfRange(bArr, i, (length - i < blockSize ? length % blockSize : blockSize) + i);
                byte[] doFinal = cipher.doFinal(copyOfRange);
                Arrays.fill(copyOfRange, (byte) 0);
                byteArrayOutputStream.write(doFinal);
                i += blockSize;
            }
            bArr2 = byteArrayOutputStream.toByteArray();
            Arrays.fill(bArr, (byte) 0);
            return bArr2;
        } catch (Exception e) {
            Log.e("ZwEncryptionHelper", "Encryption failed: " + e);
            return bArr2;
        }
    }
}
