package com.ft.iot.iam.utils;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import com.ft.jpmc.app.MyApplication;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

/* compiled from: KeyStoreUtils.kt */
@Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\u0018\u0000 \u00032\u00020\u0001:\u0001\u0003B\u0005¢\u0006\u0002\u0010\u0002¨\u0006\u0004"}, d2 = {"Lcom/ft/iot/iam/utils/KeyStoreUtils;", "", "()V", "Companion", "app_release"}, k = 1, mv = {1, 5, 1}, xi = 48)
/* loaded from: classes.dex */
public final class KeyStoreUtils {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    public static final String TAG = "KeyStoreUtils";
    public static final String alias = "jpmc_app";
    private static final Context context = null;
    private static final int maxExpiredTime = 1000;
    private static final int rsaDecryptBlock = 256;
    private static final int rsaEncryptBlock = 244;
    private static final String x500PrincipalName = "CN=MyKey, O=Android Authority";

    /* compiled from: KeyStoreUtils.kt */
    @Metadata(d1 = {"\u00008\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0002\b\u0004\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0012\n\u0002\b\u0003\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0006\u0010\r\u001a\u00020\u000eJ\u0006\u0010\u000f\u001a\u00020\u0010J\u0010\u0010\u0011\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0012\u001a\u00020\u0004J\u0010\u0010\u0013\u001a\u0004\u0018\u00010\u00142\u0006\u0010\u0012\u001a\u00020\u0004J\u0010\u0010\u0015\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0016\u001a\u00020\u0014J\u0010\u0010\u0015\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0016\u001a\u00020\u0004R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u0010\u0010\u0006\u001a\u0004\u0018\u00010\u0007X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\tX\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u000b\u001a\u00020\tX\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\f\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000¨\u0006\u0017"}, d2 = {"Lcom/ft/iot/iam/utils/KeyStoreUtils$Companion;", "", "()V", "TAG", "", "alias", "context", "Landroid/content/Context;", "maxExpiredTime", "", "rsaDecryptBlock", "rsaEncryptBlock", "x500PrincipalName", "clearKeystore", "", "createKeyStoreEntry", "Ljava/security/KeyPair;", "decrypt", "decrypted", "decryptByteArray", "", "encrypt", "encrypted", "app_release"}, k = 1, mv = {1, 5, 1}, xi = 48)
    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final void clearKeystore() {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                keyStore.deleteEntry(KeyStoreUtils.alias);
                Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(\"AndroidKeyStore\").apply {\n                    load(null)\n                    deleteEntry(alias)\n                }");
            } catch (Exception e) {
                e.printStackTrace();
            }
        }

        public final KeyPair createKeyStoreEntry() {
            if (Build.VERSION.SDK_INT < 23) {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 1000);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(MyApplication.INSTANCE.getContext()).setAlias(KeyStoreUtils.alias).setSubject(new X500Principal(KeyStoreUtils.x500PrincipalName)).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                Intrinsics.checkNotNullExpressionValue(build, "Builder(MyApplication.getContext())\n                    .setAlias(alias)\n                    .setSubject(X500Principal(x500PrincipalName))\n                    .setSerialNumber(BigInteger.ONE)\n                    .setStartDate(start.time)\n                    .setEndDate(end.time)\n                    .build()");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                Intrinsics.checkNotNullExpressionValue(generateKeyPair, "{\n                // Create new key\n                val start = Calendar.getInstance()\n                val end = Calendar.getInstance()\n                end.add(Calendar.YEAR, maxExpiredTime)\n                val spec = KeyPairGeneratorSpec.Builder(MyApplication.getContext())\n                    .setAlias(alias)\n                    .setSubject(X500Principal(x500PrincipalName))\n                    .setSerialNumber(BigInteger.ONE)\n                    .setStartDate(start.time)\n                    .setEndDate(end.time)\n                    .build()\n                val generator = KeyPairGenerator.getInstance(\"RSA\", \"AndroidKeyStore\")\n                generator.initialize(spec)\n                generator.generateKeyPair() //使用AndroidKeyStore生成密钥对\n            }");
                return generateKeyPair;
            }
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            Intrinsics.checkNotNullExpressionValue(keyPairGenerator2, "getInstance(\n                    KeyProperties.KEY_ALGORITHM_RSA,\n                    \"AndroidKeyStore\"\n                )");
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(KeyStoreUtils.alias, 3);
            builder.setDigests("SHA-256", "SHA-512");
            builder.setEncryptionPaddings("PKCS1Padding");
            builder.setUserAuthenticationRequired(false);
            KeyGenParameterSpec build2 = builder.build();
            Intrinsics.checkNotNullExpressionValue(build2, "Builder(\n                    alias,\n                    KeyProperties.PURPOSE_DECRYPT or KeyProperties.PURPOSE_ENCRYPT\n                ).run {\n                    setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)\n                    setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)\n                    setUserAuthenticationRequired(false)\n                    build()\n                }");
            keyPairGenerator2.initialize(build2);
            KeyPair generateKeyPair2 = keyPairGenerator2.generateKeyPair();
            Intrinsics.checkNotNullExpressionValue(generateKeyPair2, "{\n                val kpg: KeyPairGenerator  = KeyPairGenerator.getInstance(\n                    KeyProperties.KEY_ALGORITHM_RSA,\n                    \"AndroidKeyStore\"\n                )\n                val parameterSpec: KeyGenParameterSpec = KeyGenParameterSpec.Builder(\n                    alias,\n                    KeyProperties.PURPOSE_DECRYPT or KeyProperties.PURPOSE_ENCRYPT\n                ).run {\n                    setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)\n                    setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)\n                    setUserAuthenticationRequired(false)\n                    build()\n                }\n\n                kpg.initialize(parameterSpec)\n                kpg.generateKeyPair()\n            }");
            return generateKeyPair2;
        }

        public final String decrypt(String decrypted) {
            byte[] doFinal;
            Intrinsics.checkNotNullParameter(decrypted, "decrypted");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(\"AndroidKeyStore\").apply {\n                load(null)\n            }");
            if (!keyStore.containsAlias(KeyStoreUtils.alias)) {
                createKeyStoreEntry();
            }
            Key key = keyStore.getKey(KeyStoreUtils.alias, null);
            if (key == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, (PrivateKey) key);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] decodeBase64 = Base64UtilKt.decodeBase64(decrypted);
            Intrinsics.checkNotNullExpressionValue(decodeBase64, "decodeBase64(decrypted)");
            int length = decodeBase64.length;
            int i = 0;
            int i2 = 0;
            while (true) {
                int i3 = length - i;
                if (i3 <= 0) {
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    Intrinsics.checkNotNullExpressionValue(byteArray, "out.toByteArray()");
                    byteArrayOutputStream.close();
                    return new String(byteArray, 0, byteArray.length, Charsets.UTF_8);
                }
                if (i3 > 256) {
                    doFinal = cipher.doFinal(decodeBase64, i, 256);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                        outCipher.doFinal(encryptedData, offSet, rsaDecryptBlock)\n                    }");
                } else {
                    doFinal = cipher.doFinal(decodeBase64, i, i3);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                        outCipher.doFinal(encryptedData, offSet, inputLen - offSet)\n                    }");
                }
                byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                i2++;
                i = i2 * 256;
            }
        }

        public final byte[] decryptByteArray(String decrypted) {
            byte[] doFinal;
            Intrinsics.checkNotNullParameter(decrypted, "decrypted");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(\"AndroidKeyStore\").apply {\n                load(null)\n            }");
            if (!keyStore.containsAlias(KeyStoreUtils.alias)) {
                createKeyStoreEntry();
            }
            Key key = keyStore.getKey(KeyStoreUtils.alias, null);
            if (key == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, (PrivateKey) key);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] decodeBase64 = Base64UtilKt.decodeBase64(decrypted);
            Intrinsics.checkNotNullExpressionValue(decodeBase64, "decodeBase64(decrypted)");
            int length = decodeBase64.length;
            int i = 0;
            int i2 = 0;
            while (true) {
                int i3 = length - i;
                if (i3 <= 0) {
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    Intrinsics.checkNotNullExpressionValue(byteArray, "out.toByteArray()");
                    byteArrayOutputStream.close();
                    return byteArray;
                }
                if (i3 > 256) {
                    doFinal = cipher.doFinal(decodeBase64, i, 256);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                    outCipher.doFinal(encryptedData, offSet, rsaDecryptBlock)\n                }");
                } else {
                    doFinal = cipher.doFinal(decodeBase64, i, i3);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                    outCipher.doFinal(encryptedData, offSet, inputLen - offSet)\n                }");
                }
                byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                i2++;
                i = i2 * 256;
            }
        }

        public final String encrypt(String encrypted) {
            byte[] doFinal;
            Intrinsics.checkNotNullParameter(encrypted, "encrypted");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(\"AndroidKeyStore\").apply {\n                load(null)\n            }");
            if (!keyStore.containsAlias(KeyStoreUtils.alias)) {
                createKeyStoreEntry();
            }
            KeyStore.Entry entry = keyStore.getEntry(KeyStoreUtils.alias, null);
            Intrinsics.checkNotNullExpressionValue(entry, "ks.getEntry(alias, null)");
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Log.w(KeyStoreUtils.TAG, "Not an instance of a PrivateKeyEntry");
                return null;
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int length = encrypted.length();
            byte[] bytes = encrypted.getBytes(Charsets.UTF_8);
            Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
            int i = 0;
            int i2 = 0;
            while (true) {
                int i3 = length - i;
                if (i3 <= 0) {
                    byte[] encryptedData = byteArrayOutputStream.toByteArray();
                    byteArrayOutputStream.close();
                    Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
                    return Base64UtilKt.encodeBase64URLSafeString(encryptedData);
                }
                if (i3 > KeyStoreUtils.rsaEncryptBlock) {
                    doFinal = cipher.doFinal(bytes, i, KeyStoreUtils.rsaEncryptBlock);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                            inCipher.doFinal(inputData, offSet, rsaEncryptBlock)\n                        }");
                } else {
                    doFinal = cipher.doFinal(bytes, i, i3);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                            inCipher.doFinal(\n                                inputData,\n                                offSet,\n                                inputLen - offSet\n                            ) //RSA每块加密后的密文长度都是256\n                        }");
                }
                byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                i2++;
                i = i2 * KeyStoreUtils.rsaEncryptBlock;
            }
        }

        public final String encrypt(byte[] encrypted) {
            byte[] doFinal;
            Intrinsics.checkNotNullParameter(encrypted, "encrypted");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(\"AndroidKeyStore\").apply {\n                load(null)\n            }");
            if (!keyStore.containsAlias(KeyStoreUtils.alias)) {
                createKeyStoreEntry();
            }
            KeyStore.Entry entry = keyStore.getEntry(KeyStoreUtils.alias, null);
            Intrinsics.checkNotNullExpressionValue(entry, "ks.getEntry(alias, null)");
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Log.w(KeyStoreUtils.TAG, "Not an instance of a PrivateKeyEntry");
                return null;
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int length = encrypted.length;
            int i = 0;
            int i2 = 0;
            while (true) {
                int i3 = length - i;
                if (i3 <= 0) {
                    byte[] encryptedData = byteArrayOutputStream.toByteArray();
                    byteArrayOutputStream.close();
                    Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
                    return Base64UtilKt.encodeBase64URLSafeString(encryptedData);
                }
                if (i3 > KeyStoreUtils.rsaEncryptBlock) {
                    doFinal = cipher.doFinal(encrypted, i, KeyStoreUtils.rsaEncryptBlock);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                    inCipher.doFinal(inputData, offSet, rsaEncryptBlock)\n                }");
                } else {
                    doFinal = cipher.doFinal(encrypted, i, i3);
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n                    inCipher.doFinal(\n                        inputData,\n                        offSet,\n                        inputLen - offSet\n                    ) //RSA每块加密后的密文长度都是256\n                }");
                }
                byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                i2++;
                i = i2 * KeyStoreUtils.rsaEncryptBlock;
            }
        }
    }
}
