package com.aliexpress.aer.core.security;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

/* loaded from: classes2.dex */
public final class CypherRepositoryPreMImpl implements b {

    /* renamed from: d, reason: collision with root package name */
    public static final a f15605d = new a(null);

    /* renamed from: a, reason: collision with root package name */
    public final Context f15606a;

    /* renamed from: b, reason: collision with root package name */
    public final Lazy f15607b;

    /* renamed from: c, reason: collision with root package name */
    public final Lazy f15608c;

    /* loaded from: classes2.dex */
    public static final class a {
        public a() {
        }

        public /* synthetic */ a(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    public CypherRepositoryPreMImpl(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.f15606a = context;
        this.f15607b = LazyKt.lazy(new Function0<SharedPreferences>() { // from class: com.aliexpress.aer.core.security.CypherRepositoryPreMImpl$pref$2
            {
                super(0);
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // kotlin.jvm.functions.Function0
            public final SharedPreferences invoke() {
                Context context2;
                context2 = CypherRepositoryPreMImpl.this.f15606a;
                return context2.getSharedPreferences("secure_prefs", 0);
            }
        });
        this.f15608c = LazyKt.lazy(new Function0<KeyStore>() { // from class: com.aliexpress.aer.core.security.CypherRepositoryPreMImpl$keyStore$2
            @Override // kotlin.jvm.functions.Function0
            public final KeyStore invoke() {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                return keyStore;
            }
        });
    }

    private final KeyStore g() {
        return (KeyStore) this.f15608c.getValue();
    }

    @Override // com.aliexpress.aer.core.security.b
    public String a(String alias, String ivKey, byte[] encryptedData) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(ivKey, "ivKey");
        Intrinsics.checkNotNullParameter(encryptedData, "encryptedData");
        return d(alias, encryptedData);
    }

    @Override // com.aliexpress.aer.core.security.b
    public byte[] b(String alias, String ivKey, String text) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(ivKey, "ivKey");
        Intrinsics.checkNotNullParameter(text, "text");
        return e(alias, text);
    }

    public final String d(String str, byte[] bArr) {
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
        cipher.init(2, f(str));
        byte[] doFinal = cipher.doFinal(Base64.decode(bArr, 0));
        Intrinsics.checkNotNull(doFinal);
        return new String(doFinal, Charsets.UTF_8);
    }

    public final byte[] e(String str, String str2) {
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
        cipher.init(1, f(str));
        byte[] bytes = str2.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        byte[] encode = Base64.encode(cipher.doFinal(bytes), 0);
        Intrinsics.checkNotNullExpressionValue(encode, "encode(...)");
        return encode;
    }

    public final SecretKey f(String str) {
        String string = h().getString("ENCRYPTED_AES_KEY", null);
        if (string == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            string = Base64.encodeToString(k(str, bArr), 0);
            h().edit().putString("ENCRYPTED_AES_KEY", string).apply();
        }
        byte[] decode = Base64.decode(string, 0);
        Intrinsics.checkNotNullExpressionValue(decode, "decode(...)");
        return new SecretKeySpec(j(str, decode), "AES");
    }

    public final SharedPreferences h() {
        return (SharedPreferences) this.f15607b.getValue();
    }

    public final KeyStore.PrivateKeyEntry i(String str) {
        if (!g().containsAlias(str)) {
            Calendar calendar = Calendar.getInstance();
            Intrinsics.checkNotNullExpressionValue(calendar, "getInstance(...)");
            Calendar calendar2 = Calendar.getInstance();
            Intrinsics.checkNotNullExpressionValue(calendar2, "getInstance(...)");
            calendar2.add(1, 30);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.f15606a).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            Intrinsics.checkNotNullExpressionValue(build, "build(...)");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            Intrinsics.checkNotNullExpressionValue(keyPairGenerator, "getInstance(...)");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        }
        KeyStore.Entry entry = g().getEntry(str, null);
        Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        return (KeyStore.PrivateKeyEntry) entry;
    }

    public final byte[] j(String str, byte[] bArr) {
        KeyStore.PrivateKeyEntry i11 = i(str);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, i11.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i12 = 0; i12 < size; i12++) {
            Object obj = arrayList.get(i12);
            Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
            bArr2[i12] = ((Number) obj).byteValue();
        }
        return bArr2;
    }

    public final byte[] k(String str, byte[] bArr) {
        KeyStore.PrivateKeyEntry i11 = i(str);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, i11.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "toByteArray(...)");
        return byteArray;
    }
}
