package com.xplor.home.common.security;

import android.content.Context;
import android.os.Build;
import android.preference.PreferenceManager;
import android.security.KeyPairGeneratorSpec;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Ref;
import networking.JsonKeys;

/* compiled from: KeyStoreUtil.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000P\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0002\b\u0004\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002J\u0018\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0013H\u0002J\u0010\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u0004H\u0002J\u000e\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u0012\u001a\u00020\u0013J\b\u0010\u0019\u001a\u00020\u0004H\u0002J\u0010\u0010\u001a\u001a\u0004\u0018\u00010\u00152\u0006\u0010\u0012\u001a\u00020\u0013J\b\u0010\u001b\u001a\u00020\u001cH\u0002J\u0012\u0010\u001d\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0003\u001a\u00020\u0004H\u0002J\u000e\u0010\u001e\u001a\u00020\u001f2\u0006\u0010 \u001a\u00020\u001fJ\u000e\u0010!\u001a\u00020\u001f2\u0006\u0010\"\u001a\u00020\u001fR\u000e\u0010\u0003\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082D¢\u0006\u0002\n\u0000R\u0010\u0010\b\u001a\u0004\u0018\u00010\tX\u0082\u000e¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\u000b\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\f\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\r\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n\u0000R\u000e\u0010\u000e\u001a\u00020\u0004X\u0082D¢\u0006\u0002\n\u0000¨\u0006#"}, d2 = {"Lcom/xplor/home/common/security/KeyStoreUtil;", "", "()V", "encryptedAESPassword", "", "keyAlias", "keySize", "", "keyStore", "Ljava/security/KeyStore;", "keystoreAlgorithm", "keystoreName", "provider", "providerPreAndroidM", "rsaMode", "encryptAndSaveAESPassword", "", "aesPassword", JsonKeys.Object.contextKey, "Landroid/content/Context;", "generateAESKey", "Ljavax/crypto/spec/SecretKeySpec;", "password", "generateRSAKey", "", "generateRandomPassword", "getAESEncryptionKey", "getCipher", "Ljavax/crypto/Cipher;", "getDecryptedAESPassword", "rsaDecrypt", "", "encrypted", "rsaEncrypt", "secret", "app_productionRelease"}, k = 1, mv = {1, 4, 1})
/* loaded from: classes2.dex */
public final class KeyStoreUtil {
    private KeyStore keyStore;
    private final String keystoreName = "AndroidKeyStore";
    private final String keyAlias = "KEYSTORE_XPLOR_EDUCATOR_ALIAS";
    private final String rsaMode = "RSA/ECB/PKCS1Padding";
    private final String providerPreAndroidM = "AndroidOpenSSL";
    private final String provider = "AndroidKeyStoreBCWorkaround";
    private final String keystoreAlgorithm = "RSA";
    private final int keySize = 32;
    private final String encryptedAESPassword = "ENCRYPTED_AES_PASSWORD";

    public KeyStoreUtil() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.keyStore = keyStore;
            if (keyStore != null) {
                keyStore.load(null);
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
    }

    private final boolean encryptAndSaveAESPassword(String aesPassword, Context context) {
        try {
            PreferenceManager.getDefaultSharedPreferences(context).edit().putString(this.encryptedAESPassword, PasswordSecurity.INSTANCE.encryptPassword(aesPassword, context)).apply();
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private final SecretKeySpec generateAESKey(String password) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        Charset forName = Charset.forName("UTF-8");
        Intrinsics.checkNotNullExpressionValue(forName, "Charset.forName(charsetName)");
        Objects.requireNonNull(password, "null cannot be cast to non-null type java.lang.String");
        byte[] bytes = password.getBytes(forName);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] copyOf = Arrays.copyOf(bytes, 32);
        Intrinsics.checkNotNullExpressionValue(copyOf, "java.util.Arrays.copyOf(this, newSize)");
        return new SecretKeySpec(copyOf, "AES");
    }

    private final String generateRandomPassword() {
        String bigInteger = new BigInteger(this.keySize * 8, new SecureRandom()).toString(this.keySize);
        Intrinsics.checkNotNullExpressionValue(bigInteger, "BigInteger(keySize * 8, …Random).toString(keySize)");
        return bigInteger;
    }

    private final Cipher getCipher() {
        try {
            if (Build.VERSION.SDK_INT < 23) {
                Cipher cipher = Cipher.getInstance(this.rsaMode, this.providerPreAndroidM);
                Intrinsics.checkNotNullExpressionValue(cipher, "Cipher.getInstance(rsaMode, providerPreAndroidM)");
                return cipher;
            }
            Cipher cipher2 = Cipher.getInstance(this.rsaMode, this.provider);
            Intrinsics.checkNotNullExpressionValue(cipher2, "Cipher.getInstance(rsaMode, provider)");
            return cipher2;
        } catch (Exception e) {
            throw new RuntimeException("getCipher: Failed to get an instance of Cipher", e);
        }
    }

    private final String getDecryptedAESPassword(String encryptedAESPassword) {
        try {
            return PasswordSecurity.INSTANCE.decryptPassword(encryptedAESPassword);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public final void generateRSAKey(Context context) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException {
        Intrinsics.checkNotNullParameter(context, "context");
        KeyStore keyStore = this.keyStore;
        if (keyStore == null || keyStore.containsAlias(this.keyAlias)) {
            return;
        }
        Calendar start = Calendar.getInstance();
        Calendar end = Calendar.getInstance();
        end.add(1, 30);
        KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias(this.keyAlias).setSubject(new X500Principal("CN=" + this.keyAlias)).setSerialNumber(BigInteger.TEN);
        Intrinsics.checkNotNullExpressionValue(start, "start");
        KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(start.getTime());
        Intrinsics.checkNotNullExpressionValue(end, "end");
        KeyPairGeneratorSpec build = startDate.setEndDate(end.getTime()).build();
        Intrinsics.checkNotNullExpressionValue(build, "KeyPairGeneratorSpec.Bui…                 .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.keystoreAlgorithm, this.keystoreName);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    public final SecretKeySpec getAESEncryptionKey(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        String string = PreferenceManager.getDefaultSharedPreferences(context).getString(this.encryptedAESPassword, "");
        String str = string != null ? string : "";
        Intrinsics.checkNotNullExpressionValue(str, "PreferenceManager.getDef…tedAESPassword, \"\") ?: \"\"");
        if (str.length() == 0) {
            String generateRandomPassword = generateRandomPassword();
            if (encryptAndSaveAESPassword(generateRandomPassword, context)) {
                return generateAESKey(generateRandomPassword);
            }
            return null;
        }
        String decryptedAESPassword = getDecryptedAESPassword(str);
        if (decryptedAESPassword != null) {
            return generateAESKey(decryptedAESPassword);
        }
        return null;
    }

    public final byte[] rsaDecrypt(byte[] encrypted) throws Exception, KeyStoreException {
        Intrinsics.checkNotNullParameter(encrypted, "encrypted");
        KeyStore keyStore = this.keyStore;
        KeyStore.Entry entry = keyStore != null ? keyStore.getEntry(this.keyAlias, null) : null;
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) (entry instanceof KeyStore.PrivateKeyEntry ? entry : null);
        if (privateKeyEntry == null) {
            return new byte[0];
        }
        Cipher cipher = getCipher();
        cipher.init(2, privateKeyEntry.getPrivateKey());
        final CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(encrypted), cipher);
        ArrayList arrayList = new ArrayList();
        final Ref.IntRef intRef = new Ref.IntRef();
        intRef.element = 0;
        while (new Function0<Integer>() { // from class: com.xplor.home.common.security.KeyStoreUtil$rsaDecrypt$1$1
            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            /* renamed from: invoke, reason: avoid collision after fix types in other method */
            public final int invoke2() {
                Ref.IntRef.this.element = cipherInputStream.read();
                return Ref.IntRef.this.element;
            }

            @Override // kotlin.jvm.functions.Function0
            public /* bridge */ /* synthetic */ Integer invoke() {
                return Integer.valueOf(invoke2());
            }
        }.invoke().intValue() != -1) {
            arrayList.add(Byte.valueOf((byte) intRef.element));
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (int i = 0; i < size; i++) {
            Object obj = arrayList.get(i);
            Intrinsics.checkNotNullExpressionValue(obj, "values[i]");
            bArr[i] = ((Number) obj).byteValue();
        }
        return bArr;
    }

    public final byte[] rsaEncrypt(byte[] secret) throws Exception, KeyStoreException {
        Intrinsics.checkNotNullParameter(secret, "secret");
        KeyStore keyStore = this.keyStore;
        if (keyStore == null) {
            return new byte[0];
        }
        KeyStore.Entry entry = keyStore.getEntry(this.keyAlias, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = getCipher();
        Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
        Intrinsics.checkNotNullExpressionValue(certificate, "privateKeyEntry.certificate");
        cipher.init(1, certificate.getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(secret);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "outputStream.toByteArray()");
        return byteArray;
    }
}
