package com.coles.android.flybuys.dd.component.keystore;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import timber.log.Timber;

/* loaded from: classes.dex */
public class DDKeyStore {
    private static final String AES_ENCRYPTED_KEY = "aes_encrypted_key";
    private static final String AES_MODE = "AES/ECB/PKCS7Padding";
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String DD_KEYSTORE_SHARED_PREFENCE_NAME = "ddkeystoresharedprefs";
    private static final String KEY_ALIAS = "DD_KEY_ALIAS";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String TRANSFORMATION = "AES/GCM/NoPadding";
    private String iv = "flybuys2017i";
    private KeyStore keyStore;
    private Context mContext;

    public DDKeyStore(Context context) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException {
        this.mContext = context;
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
        this.keyStore = keyStore;
        keyStore.load(null);
    }

    private void generateAndStoreAESKey() throws Exception {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        String encodeToString = Base64.encodeToString(rsaEncrypt(bArr), 0);
        SharedPreferences.Editor edit = this.mContext.getSharedPreferences(DD_KEYSTORE_SHARED_PREFENCE_NAME, 0).edit();
        edit.putString(AES_ENCRYPTED_KEY, encodeToString);
        edit.commit();
    }

    private void generateRSAKeyPairs() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.mContext).setAlias(KEY_ALIAS).setSubject(new X500Principal("CN=DD_KEY_ALIAS")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEY_STORE);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private SecretKey generateSecretKey() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, UnrecoverableEntryException, KeyStoreException, CertificateException, IOException {
        if (this.keyStore.containsAlias(KEY_ALIAS)) {
            return getSecretKey();
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
        keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_ALIAS, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        return keyGenerator.generateKey();
    }

    private Key getAESSecretKey() throws Exception {
        return new SecretKeySpec(rsaDecrypt(Base64.decode(this.mContext.getSharedPreferences(DD_KEYSTORE_SHARED_PREFENCE_NAME, 0).getString(AES_ENCRYPTED_KEY, null), 0)), "AES");
    }

    private SecretKey getSecretKey() throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException, CertificateException, IOException {
        return ((KeyStore.SecretKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null)).getSecretKey();
    }

    private byte[] rsaDecrypt(byte[] bArr) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null);
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i = 0; i < size; i++) {
            bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        return bArr2;
    }

    private byte[] rsaEncrypt(byte[] bArr) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null);
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    public String decryptString(String str) {
        try {
            if (Build.VERSION.SDK_INT < 23) {
                Cipher cipher = Cipher.getInstance(AES_MODE, "BC");
                cipher.init(2, getAESSecretKey());
                return new String(cipher.doFinal(Base64.decode(str, 0)), "UTF-8");
            }
            Cipher cipher2 = Cipher.getInstance(TRANSFORMATION);
            cipher2.init(2, getSecretKey(), new GCMParameterSpec(128, this.iv.getBytes()));
            return new String(cipher2.doFinal(Base64.decode(str, 0)), "UTF-8");
        } catch (IOException e) {
            e = e;
            Timber.e(e);
            return null;
        } catch (InvalidAlgorithmParameterException e2) {
            e = e2;
            Timber.e(e);
            return null;
        } catch (InvalidKeyException e3) {
            e = e3;
            Timber.e(e);
            return null;
        } catch (KeyStoreException e4) {
            e = e4;
            Timber.e(e);
            return null;
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            Timber.e(e);
            return null;
        } catch (NoSuchProviderException e6) {
            e = e6;
            Timber.e(e);
            return null;
        } catch (UnrecoverableEntryException e7) {
            e = e7;
            Timber.e(e);
            return null;
        } catch (CertificateException e8) {
            e = e8;
            Timber.e(e);
            return null;
        } catch (BadPaddingException e9) {
            e = e9;
            Timber.e(e);
            return null;
        } catch (IllegalBlockSizeException e10) {
            e = e10;
            Timber.e(e);
            return null;
        } catch (NoSuchPaddingException e11) {
            e = e11;
            Timber.e(e);
            return null;
        } catch (Exception e12) {
            Timber.e(e12);
            return null;
        }
    }

    public String encryptText(String str) {
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                Cipher cipher = Cipher.getInstance(TRANSFORMATION);
                cipher.init(1, generateSecretKey(), new GCMParameterSpec(128, this.iv.getBytes()));
                return Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 0);
            }
            if (!this.keyStore.containsAlias(KEY_ALIAS)) {
                generateRSAKeyPairs();
                generateAndStoreAESKey();
            }
            Cipher cipher2 = Cipher.getInstance(AES_MODE, "BC");
            cipher2.init(1, getAESSecretKey());
            return Base64.encodeToString(cipher2.doFinal(str.getBytes("UTF-8")), 0);
        } catch (IOException e) {
            e = e;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (InvalidAlgorithmParameterException e2) {
            e = e2;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (InvalidKeyException e3) {
            e = e3;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (KeyStoreException e4) {
            e = e4;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (NoSuchProviderException e6) {
            e = e6;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (UnrecoverableEntryException e7) {
            e = e7;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (CertificateException e8) {
            e = e8;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (BadPaddingException e9) {
            e = e9;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (IllegalBlockSizeException e10) {
            e = e10;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (NoSuchPaddingException e11) {
            e = e11;
            Timber.e(e, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        } catch (Exception e12) {
            Timber.e(e12, "Failed to encrypt string, shared preference storage failed", new Object[0]);
            return null;
        }
    }
}
