package com.auctionmobility.auctions.util;

import android.annotation.SuppressLint;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import androidx.annotation.Nullable;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

@SuppressLint({"NewApi"})
/* loaded from: classes.dex */
public class KeyStoreHelper {
    private static final String AES_MODE = "AES/GCM/NoPadding";
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String KEY_ALIAS = "key_alias";
    private static final String PREFS_AES_KEY = "PREFS_AES_KEY";
    private static final String PREFS_PUBLIC_IV = "PREFS_PUBLIC_IV";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String SHARED_PREFERENCES_NAME = "keystore";
    private static final String TAG = "KeyStoreHelper";
    private static KeyStoreHelper instance;
    private final KeyStore keyStore;
    private final SharedPreferencesHelper preferences;

    private KeyStoreHelper(Context context) throws NoSuchPaddingException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, CertificateException, IOException, UnrecoverableEntryException, InvalidKeyException {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
        this.keyStore = keyStore;
        keyStore.load(null);
        SharedPreferencesHelper create = SharedPreferencesHelper.create(context, SHARED_PREFERENCES_NAME);
        this.preferences = create;
        if (!keyStore.containsAlias(KEY_ALIAS)) {
            generateRsaPair(context);
        }
        if (!create.contains(PREFS_PUBLIC_IV)) {
            generateRandomIV();
        }
        generateAes(context);
    }

    private void generateAes(Context context) throws NoSuchPaddingException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, NoSuchProviderException, InvalidKeyException, KeyStoreException, CertificateException, InvalidAlgorithmParameterException {
        if (this.preferences.contains(PREFS_AES_KEY)) {
            return;
        }
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        byte[] rsaEncrypt = rsaEncrypt(context, bArr);
        if (rsaEncrypt != null) {
            this.preferences.putString(PREFS_AES_KEY, Base64.encodeToString(rsaEncrypt, 0));
        }
    }

    private byte[] generateCipherOutPutStream(KeyStore.PrivateKeyEntry privateKeyEntry, byte[] bArr) throws InvalidKeyException, IOException, NoSuchPaddingException, NoSuchAlgorithmException {
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    private void generateRandomIV() {
        this.preferences.putString(PREFS_PUBLIC_IV, Base64.encodeToString(new SecureRandom().generateSeed(12), 0));
    }

    private void generateRsaPair(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, CertificateException, IOException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 1);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(KEY_ALIAS).setKeyType("RSA").setSubject(new X500Principal("CN=key_alias")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEYSTORE);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private Key getAes() throws NoSuchPaddingException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, NoSuchProviderException, InvalidKeyException, KeyStoreException {
        return new SecretKeySpec(rsaDecrypt(Base64.decode(this.preferences.getString(PREFS_AES_KEY), 0)), "AES");
    }

    public static KeyStoreHelper getInstance(Context context) {
        if (instance == null) {
            try {
                instance = new KeyStoreHelper(context);
            } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | NoSuchPaddingException e10) {
                e10.printStackTrace();
                LogUtil.LOGD(TAG, "Failed to initialize");
            }
        }
        return instance;
    }

    private byte[] rsaDecrypt(byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException, UnrecoverableEntryException, KeyStoreException {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null);
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i10 = 0; i10 < size; i10++) {
            bArr2[i10] = ((Byte) arrayList.get(i10)).byteValue();
        }
        return bArr2;
    }

    private byte[] rsaEncrypt(Context context, byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException, UnrecoverableEntryException, KeyStoreException, CertificateException, InvalidAlgorithmParameterException {
        try {
            return generateCipherOutPutStream((KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null), bArr);
        } catch (Exception unused) {
            generateRsaPair(context);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null);
            generateRandomIV();
            this.preferences.putString(PREFS_AES_KEY, Base64.encodeToString(generateCipherOutPutStream(privateKeyEntry, bArr), 0));
            return null;
        }
    }

    @Nullable
    public String decrypt(String str) {
        try {
            String string = this.preferences.getString(PREFS_PUBLIC_IV);
            Cipher cipher = Cipher.getInstance(AES_MODE);
            cipher.init(2, getAes(), new GCMParameterSpec(128, Base64.decode(string, 0)));
            return new String(cipher.doFinal(Base64.decode(str.getBytes(StandardCharsets.UTF_8), 0)));
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            e10.printStackTrace();
            LogUtil.LOGD(TAG, "Failed to decrypt: " + str);
            return null;
        }
    }

    @Nullable
    public String encrypt(String str) {
        try {
            String string = this.preferences.getString(PREFS_PUBLIC_IV);
            Cipher cipher = Cipher.getInstance(AES_MODE);
            cipher.init(1, getAes(), new GCMParameterSpec(128, Base64.decode(string, 0)));
            return Base64.encodeToString(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)), 0);
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            e10.printStackTrace();
            LogUtil.LOGD(TAG, "Failed to encrypt: " + str);
            return null;
        }
    }
}
