package at.bluesource.utils;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import at.bluesource.bssbase.utils.BssLogUtils;
import at.bluesource.data.BundleSettings;
import com.google.android.gms.gcm.GoogleCloudMessaging;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class KeyStoreApiAdapter {
    private static KeyStore a;

    private static int a(Context context) {
        return Build.VERSION.SDK_INT;
    }

    @TargetApi(19)
    private static String a(String str, String str2, Context context) {
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            byte[] a2 = a(str);
            if (a2 != null) {
                cipher.init(1, c(str, context), new GCMParameterSpec(128, a2));
            } else {
                cipher.init(1, c(str, context));
                a(str, cipher.getIV());
            }
            str2 = Base64.encodeToString(cipher.doFinal(str2.getBytes()), 0);
            return str2;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            BssLogUtils.logException(e, true);
            return str2;
        }
    }

    private static KeyStore a() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        if (a == null) {
            a = KeyStore.getInstance("AndroidKeyStore");
            a.load(null);
        }
        return a;
    }

    @TargetApi(18)
    private static void a(String str, Context context) {
        try {
            if (a().containsAlias(str)) {
                return;
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            BssLogUtils.logException(e, true);
        }
    }

    private static void a(String str, byte[] bArr) {
        BundleSettings.setEncryptionIv(Base64.encodeToString(bArr, 0), str);
    }

    private static byte[] a(String str) {
        String encryptionIv = BundleSettings.getEncryptionIv(str);
        if (encryptionIv == null) {
            return null;
        }
        return Base64.decode(encryptionIv, 0);
    }

    private static byte[] a(byte[] bArr, String str) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException, UnrecoverableEntryException, KeyStoreException {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) a.getEntry(str, null);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    @TargetApi(19)
    private static String b(String str, String str2, Context context) {
        try {
            byte[] decode = Base64.decode(str2, 0);
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, c(str, context), new GCMParameterSpec(128, a(str)));
            return new String(cipher.doFinal(decode));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            BssLogUtils.logException(e, true);
            return str2;
        }
    }

    @TargetApi(23)
    private static void b(String str, Context context) {
        try {
            a = KeyStore.getInstance("AndroidKeyStore");
            a.load(null);
            if (a.containsAlias(str)) {
                return;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(GoogleCloudMessaging.INSTANCE_ID_SCOPE).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).setUserAuthenticationRequired(false).build());
            keyGenerator.generateKey();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            BssLogUtils.logException(e, true);
        }
    }

    private static boolean b(Context context) {
        return a(context) >= 19 && a(context) < 23;
    }

    private static byte[] b(byte[] bArr, String str) throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) a.getEntry(str, null);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr2 = new byte[arrayList.size()];
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= bArr2.length) {
                return bArr2;
            }
            bArr2[i2] = ((Byte) arrayList.get(i2)).byteValue();
            i = i2 + 1;
        }
    }

    private static Key c(String str, Context context) {
        return b(context) ? e(str, context) : d(str, context);
    }

    private static boolean c(Context context) {
        return a(context) >= 23;
    }

    private static Key d(String str, Context context) {
        try {
            return a.getKey(str, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            BssLogUtils.logException(e, true);
            return null;
        }
    }

    public static String decryptPreferenceValue(String str, String str2, Context context) {
        if (c(context)) {
            b(str, context);
            return b(str, str2, context);
        }
        if (!b(context)) {
            return str2;
        }
        a(str, context);
        return b(str, str2, context);
    }

    private static Key e(String str, Context context) {
        try {
            String encryptionSecret = BundleSettings.getEncryptionSecret();
            if (encryptionSecret == null) {
                byte[] bArr = new byte[16];
                new SecureRandom().nextBytes(bArr);
                encryptionSecret = Base64.encodeToString(a(bArr, str), 0);
                BundleSettings.setEncryptionSecret(encryptionSecret);
            }
            return new SecretKeySpec(b(Base64.decode(encryptionSecret, 0), str), "AES");
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | NoSuchPaddingException e) {
            BssLogUtils.logException(e, true);
            return null;
        }
    }

    public static String encryptPreferenceValue(String str, String str2, Context context) {
        if (c(context)) {
            b(str, context);
            return a(str, str2, context);
        }
        if (!b(context)) {
            return str2;
        }
        a(str, context);
        return a(str, str2, context);
    }
}
