package cr.legend.base.framework.utils.crypto;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.mobandme.ada.DataUtils;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public class EncryptionUtils {
    private static final String TAG = "TPEncryptionUtils";

    /* loaded from: classes3.dex */
    private static class AesCrypt {
        private static final String CIPHER_TYPE = "AES/CBC/PKCS5Padding";
        private static final int KEYSIZE = 128;
        private static final String KEY_GENERATOR_TYPE = "AES";
        private static final String SHARED_PREFERENCES_FILE_NAME = "Crypto";
        private static AesCrypt singleton;
        private RsaCrypt mRsaCrypt = new RsaCrypt();
        private Cipher sCipher;
        private SecretKey sKey;

        private AesCrypt() {
        }

        static /* synthetic */ AesCrypt access$000() {
            return getInstance();
        }

        private static AesCrypt getInstance() {
            if (singleton == null) {
                singleton = new AesCrypt();
            }
            return singleton;
        }

        SecretKey generateKey() throws NoSuchAlgorithmException {
            if (this.sKey == null) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(128);
                this.sKey = keyGenerator.generateKey();
            }
            return this.sKey;
        }

        Cipher getCipher() throws NoSuchAlgorithmException, NoSuchPaddingException {
            if (this.sCipher == null) {
                this.sCipher = Cipher.getInstance(CIPHER_TYPE);
            }
            return this.sCipher;
        }

        SecretKey getKey(Context context) throws NoSuchAlgorithmException {
            if (this.sKey == null) {
                SharedPreferences sharedPreferences = context.getSharedPreferences(SHARED_PREFERENCES_FILE_NAME, 0);
                String string = sharedPreferences.getString("rsa_aes_alias", "");
                if (TextUtils.isEmpty(string)) {
                    SecretKey generateKey = generateKey();
                    this.sKey = generateKey;
                    sharedPreferences.edit().putString("rsa_aes_alias", Base64.encodeToString(this.mRsaCrypt.encryptSecretKey(generateKey), 2)).apply();
                } else {
                    this.sKey = this.mRsaCrypt.decryptAESKey(Base64.decode(string, 2));
                }
            }
            return this.sKey;
        }
    }

    /* loaded from: classes3.dex */
    public static class EncryptionException extends Exception {
        public EncryptionException(Throwable th) {
            initCause(th);
        }
    }

    /* loaded from: classes3.dex */
    public static class InitializationException extends Exception {
        public InitializationException(Throwable th) {
            initCause(th);
        }
    }

    /* loaded from: classes3.dex */
    public interface ProviderFactory {
        Provider get();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class RsaCrypt {
        static final String RSA_AES_ALIAS = "rsa_aes_alias";
        private static final String TAG = "KeyStoreHelper";
        private Cipher sCipher;

        /* loaded from: classes3.dex */
        interface SecurityConstants {
            public static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
            public static final String TYPE_RSA = "RSA";
        }

        private RsaCrypt() {
        }

        static void createKeys(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
            if (isSigningKey(RSA_AES_ALIAS)) {
                return;
            }
            if (Build.VERSION.SDK_INT >= 23) {
                createKeysM(RSA_AES_ALIAS, false);
            } else {
                if (Build.VERSION.SDK_INT < 18) {
                    throw new UnsupportedOperationException("Encryption is only available for API Level 18 and above");
                }
                createKeysJBMR2(context, RSA_AES_ALIAS);
            }
        }

        private static void createKeysJBMR2(Context context, String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 30);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.valueOf(Math.abs(str.hashCode()))).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConstants.TYPE_RSA, SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyPairGenerator.initialize(build);
            Log.d(TAG, "Public Key is: " + keyPairGenerator.generateKeyPair().getPublic().toString());
        }

        private static void createKeysM(String str, boolean z) throws InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchAlgorithmException {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConstants.TYPE_RSA, SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4)).setBlockModes("CBC").setEncryptionPaddings("PKCS1Padding").setDigests("SHA-256", "SHA-384", "SHA-512").setUserAuthenticationRequired(z).build());
            Log.d(TAG, "Public Key is: " + keyPairGenerator.generateKeyPair().getPublic().toString());
        }

        private Cipher getCipher() throws NoSuchAlgorithmException, NoSuchPaddingException {
            if (this.sCipher == null) {
                this.sCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            }
            return this.sCipher;
        }

        private static KeyStore.PrivateKeyEntry getPrivateKeyEntry(String str) {
            try {
                KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                keyStore.load(null);
                KeyStore.Entry entry = keyStore.getEntry(str, null);
                if (entry != null) {
                    if (entry instanceof KeyStore.PrivateKeyEntry) {
                        return (KeyStore.PrivateKeyEntry) entry;
                    }
                    Log.w(TAG, "Not an instance of a PrivateKeyEntry");
                    Log.w(TAG, "Exiting signData()...");
                    return null;
                }
                Log.w(TAG, "No key found under alias: " + str);
                Log.w(TAG, "Exiting signData()...");
                return null;
            } catch (Exception e) {
                Log.e(TAG, e.getMessage(), e);
                return null;
            }
        }

        private static boolean isSigningKey(String str) {
            if (Build.VERSION.SDK_INT >= 18) {
                try {
                    KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                    keyStore.load(null);
                    return keyStore.containsAlias(str);
                } catch (Exception e) {
                    Log.e(TAG, e.getMessage(), e);
                }
            }
            return false;
        }

        SecretKey decryptAESKey(byte[] bArr) {
            try {
                PrivateKey privateKey = getPrivateKeyEntry(RSA_AES_ALIAS).getPrivateKey();
                Cipher cipher = getCipher();
                cipher.init(2, privateKey);
                return new SecretKeySpec(cipher.doFinal(bArr), DataUtils.DEFAULT_ENCRIPTION_ALGORITHM);
            } catch (Exception e) {
                System.out.println("exception decrypting the aes key: " + e.getMessage());
                return null;
            }
        }

        byte[] encryptSecretKey(SecretKey secretKey) {
            try {
                Cipher cipher = getCipher();
                cipher.init(1, getPrivateKeyEntry(RSA_AES_ALIAS).getCertificate().getPublicKey());
                return cipher.doFinal(secretKey.getEncoded());
            } catch (Exception e) {
                System.out.println("exception encoding key: " + e.getMessage());
                e.printStackTrace();
                return null;
            }
        }
    }

    public static String decrypt(Context context, String str) throws EncryptionException {
        AesCrypt access$000 = AesCrypt.access$000();
        try {
            Cipher cipher = access$000.getCipher();
            cipher.init(2, access$000.getKey(context));
            return new String(cipher.doFinal(Base64.decode(str, 2)));
        } catch (Exception e) {
            Log.e(TAG, "An error occurred during the decryption process. ", e);
            throw new EncryptionException(e);
        }
    }

    public static String encrypt(Context context, String str) throws EncryptionException {
        try {
            AesCrypt access$000 = AesCrypt.access$000();
            Cipher cipher = access$000.getCipher();
            cipher.init(1, access$000.getKey(context));
            return Base64.encodeToString(cipher.doFinal(str.getBytes()), 2);
        } catch (Exception e) {
            Log.e(TAG, "An error occurred during the encryption process. ", e);
            throw new EncryptionException(e);
        }
    }

    @Deprecated
    public static void init(Context context, ProviderFactory providerFactory) throws InitializationException {
        boolean z = false;
        while (true) {
            try {
                RsaCrypt.createKeys(context);
                return;
            } catch (InvalidAlgorithmParameterException e) {
                Log.e(TAG, "The provided parameters seem to be wrong.", e);
                throw new InitializationException(e);
            } catch (Exception e2) {
                if (providerFactory == null || z) {
                    Log.e(TAG, "The required key creation algorithms are not available. Consider providing an alternative Security Provider.", e2);
                    throw new InitializationException(e2);
                }
                replaceSecurityProvider(providerFactory.get());
                z = true;
            }
        }
        Log.e(TAG, "The required key creation algorithms are not available. Consider providing an alternative Security Provider.", e2);
        throw new InitializationException(e2);
    }

    public static void init(Context context, Provider provider) throws InitializationException {
        if (provider != null) {
            replaceSecurityProvider(provider);
        }
        try {
            RsaCrypt.createKeys(context);
        } catch (Exception e) {
            Log.e(TAG, "An error while initializing the RSA Keys. Consider providing an alternative Security Provider.", e);
            throw new InitializationException(e);
        }
    }

    private static void replaceSecurityProvider(Provider provider) {
        Security.insertProviderAt(provider, 1);
    }
}
