package com.intel.wearable.cloudsdk.core;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import com.intel.wearable.platform.timeiq.platform.android.crypt.AndroidCertificatesManager;
import com.intel.wearable.platform.timeiq.platform.java.crypt.JavaCryptUtils;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class g {

    /* renamed from: b, reason: collision with root package name */
    private static Context f1491b;

    /* renamed from: c, reason: collision with root package name */
    private static SecureRandom f1492c;

    /* renamed from: d, reason: collision with root package name */
    private static KeyStore f1493d;
    private static SecretKey e;

    /* renamed from: a, reason: collision with root package name */
    private static final String f1490a = g.class.getSimpleName();
    private static final Object f = new Object();

    /* loaded from: classes2.dex */
    private static class a {

        /* renamed from: a, reason: collision with root package name */
        public static g f1494a = new g();
    }

    private g() {
        try {
            f1493d = KeyStore.getInstance(AndroidCertificatesManager.ANDROID_KEY_STORE);
            f1493d.load(null);
            f1492c = new SecureRandom();
            if (!f1493d.containsAlias("cloudsdk.AuthCredProtector")) {
                c();
                a();
            }
            try {
                e = b();
            } catch (Exception e2) {
                Log.e(f1490a, "Could not initialize AES Key. All authenticated requests will fail.");
                e2.printStackTrace();
            }
        } catch (Exception e3) {
            f1493d = null;
            Log.e(f1490a, "Could not load AndroidKeyStore. All authenticated requests will fail.");
            e3.printStackTrace();
        }
    }

    public static g a(Context context) {
        if (f1491b == null) {
            synchronized (g.class) {
                if (f1491b == null) {
                    f1491b = context.getApplicationContext();
                }
            }
        }
        return a.f1494a;
    }

    private String a(byte[] bArr) throws Exception {
        if (f1493d == null) {
            Log.e(f1490a, "Can not encrypt AES key. KeyStore is not initialized.");
            throw new Exception("FATAL EXCEPTION: Can not encrypt AES key. KeyStore is not initialized.");
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) f1493d.getEntry("cloudsdk.AuthCredProtector", null);
        if (privateKeyEntry == null) {
            Log.e(f1490a, "RSA private key found to be null while encrypting AES key.");
            throw new Exception("FATAL EXCEPTION: RSA private key found to be null while encrypting AES key.");
        }
        PublicKey publicKey = privateKeyEntry.getCertificate().getPublicKey();
        Cipher cipher = Cipher.getInstance(JavaCryptUtils.RSA_ECB_PKCS1_PADDING);
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(bArr), 0);
    }

    private SecretKey a(SharedPreferences sharedPreferences) throws Exception {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(JavaCryptUtils.CRYPT_ALGORITHM);
        keyGenerator.init(128);
        SecretKey generateKey = keyGenerator.generateKey();
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.putString("cloudsdk.AesKey", a(generateKey.getEncoded()));
        edit.apply();
        return generateKey;
    }

    private void a() throws Exception {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        synchronized (f) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", AndroidCertificatesManager.ANDROID_KEY_STORE);
            if (Build.VERSION.SDK_INT >= 23) {
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder("cloudsdk.AuthCredProtector", 2).setCertificateSubject(new X500Principal("CN=cloudsdk.AuthCredProtector")).setCertificateSerialNumber(BigInteger.TEN).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).setEncryptionPaddings("PKCS1Padding").setKeySize(1024).build());
                keyPairGenerator.generateKeyPair();
            } else {
                keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(f1491b).setAlias("cloudsdk.AuthCredProtector").setSubject(new X500Principal("CN=cloudsdk.AuthCredProtector")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).setKeySize(1024).build());
                keyPairGenerator.generateKeyPair();
            }
        }
    }

    private byte[] a(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return bArr3;
    }

    private SecretKey b() throws Exception {
        SharedPreferences sharedPreferences = f1491b.getSharedPreferences("cloudsdk.Pref", 0);
        if (sharedPreferences.contains("cloudsdk.AesKey")) {
            byte[] c2 = c(sharedPreferences.getString("cloudsdk.AesKey", null));
            return new SecretKeySpec(c2, 0, c2.length, JavaCryptUtils.CRYPT_ALGORITHM);
        }
        Log.w(f1490a, "There was no AES key in the cache, generating now..");
        return a(sharedPreferences);
    }

    private void b(byte[] bArr, byte[] bArr2) throws com.intel.wearable.cloudsdk.core.a.a {
        if (Arrays.equals(bArr, bArr2)) {
            return;
        }
        Log.e(f1490a, "Decrypted data is different than the original content");
        throw new com.intel.wearable.cloudsdk.core.a.a("Decrypted data is different than the original content");
    }

    private byte[] b(byte[] bArr) throws NoSuchAlgorithmException {
        MessageDigest d2 = d();
        d2.update(bArr);
        return d2.digest();
    }

    private void c() {
        SharedPreferences sharedPreferences = f1491b.getSharedPreferences("cloudsdk.Pref", 0);
        SharedPreferences.Editor edit = sharedPreferences.edit();
        if (sharedPreferences.contains("cloudsdk.AesKey")) {
            edit.remove("cloudsdk.AesKey");
            edit.apply();
        }
    }

    private byte[] c(String str) throws Exception {
        if (f1493d == null) {
            Log.e(f1490a, "Can not decrypt AES key. KeyStore is not initialized.");
            throw new Exception("FATAL EXCEPTION: Can not decrypt AES key. KeyStore is not initialized.");
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) f1493d.getEntry("cloudsdk.AuthCredProtector", null);
        if (privateKeyEntry == null) {
            Log.e(f1490a, "RSA private key found to be null while decrypting AES key.");
            throw new Exception("FATAL EXCEPTION: RSA private key found to be null while decrypting AES key.");
        }
        PrivateKey privateKey = privateKeyEntry.getPrivateKey();
        Cipher cipher = Cipher.getInstance(JavaCryptUtils.RSA_ECB_PKCS1_PADDING);
        cipher.init(2, privateKey);
        return cipher.doFinal(Base64.decode(str, 0));
    }

    private MessageDigest d() throws NoSuchAlgorithmException {
        return MessageDigest.getInstance("SHA-256");
    }

    private int e() throws NoSuchAlgorithmException {
        return d().getDigestLength();
    }

    public String a(String str) throws com.intel.wearable.cloudsdk.core.a.a {
        if (str == null || str.length() == 0) {
            Log.w(f1490a, "Trying to encrypt null data");
            return null;
        }
        try {
            byte[] bytes = str.getBytes("UTF-8");
            if (e == null) {
                e = b();
            }
            SecretKey secretKey = e;
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            byte[] bArr = new byte[cipher.getBlockSize()];
            f1492c.nextBytes(bArr);
            cipher.init(1, secretKey, new IvParameterSpec(bArr));
            byte[] doFinal = cipher.doFinal(bytes);
            byte[] bArr2 = new byte[0];
            return Base64.encodeToString(a(a(b(bytes), bArr), doFinal), 0);
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new com.intel.wearable.cloudsdk.core.a.a(e2.getMessage());
        }
    }

    public String b(String str) throws com.intel.wearable.cloudsdk.core.a.a {
        if (str == null || str.length() == 0) {
            Log.w(f1490a, "Trying to decrypt null data");
            return null;
        }
        byte[] decode = Base64.decode(str, 0);
        try {
            if (e == null) {
                e = b();
            }
            SecretKey secretKey = e;
            int e2 = e();
            byte[] bArr = new byte[e2];
            System.arraycopy(decode, 0, bArr, 0, e2);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            int blockSize = cipher.getBlockSize();
            byte[] bArr2 = new byte[blockSize];
            System.arraycopy(decode, e2, bArr2, 0, blockSize);
            cipher.init(2, secretKey, new IvParameterSpec(bArr2));
            byte[] doFinal = cipher.doFinal(decode, bArr2.length + e2, (decode.length - bArr2.length) - e2);
            b(bArr, b(doFinal));
            return new String(doFinal, "UTF-8");
        } catch (Exception e3) {
            Log.e(f1490a, "Exception");
            e3.printStackTrace();
            throw new com.intel.wearable.cloudsdk.core.a.a(e3.getMessage());
        }
    }
}
