package tb;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import yb.o;

/* compiled from: KeystoreCipher.kt */
/* loaded from: classes2.dex */
public final class e {

    /* renamed from: a, reason: collision with root package name */
    private final String f30842a;

    /* renamed from: b, reason: collision with root package name */
    private final String f30843b;

    /* renamed from: c, reason: collision with root package name */
    private final String f30844c;

    /* renamed from: d, reason: collision with root package name */
    private final String f30845d;

    /* renamed from: e, reason: collision with root package name */
    private KeyStore f30846e;

    /* renamed from: f, reason: collision with root package name */
    private final String f30847f;

    /* renamed from: g, reason: collision with root package name */
    private final String f30848g;

    /* renamed from: h, reason: collision with root package name */
    private final byte[] f30849h;

    public e(Context context) {
        lc.m.f(context, "context");
        this.f30842a = "AES/ECB/PKCS7Padding";
        this.f30843b = "AES/GCM/NoPadding";
        this.f30844c = "AndroidKeyStore";
        this.f30845d = "com.monect.rsakey";
        this.f30847f = "RSA/ECB/PKCS1Padding";
        this.f30848g = "AES_ENCRYPTED_KEY";
        this.f30849h = new byte[]{11, -60, 1, -69, 103, -34, 51, -49, -52, 8, 15, -68};
        a(context);
        if (Build.VERSION.SDK_INT < 23) {
            d(context);
        }
    }

    private final void a(Context context) {
        KeyStore keyStore = KeyStore.getInstance(this.f30844c);
        keyStore.load(null);
        if (!keyStore.containsAlias(this.f30845d)) {
            if (Build.VERSION.SDK_INT >= 23) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", this.f30844c);
                keyGenerator.init(new KeyGenParameterSpec.Builder(this.f30845d, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
                keyGenerator.generateKey();
            } else {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 30);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(this.f30845d).setSubject(new X500Principal("CN=" + this.f30845d)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                lc.m.e(build, "Builder(context)\n       …                 .build()");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", this.f30844c);
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            }
        }
        this.f30846e = keyStore;
    }

    private final void d(Context context) {
        SharedPreferences b10 = androidx.preference.k.b(context);
        if (b10.getString(this.f30848g, null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(g(bArr), 0);
            SharedPreferences.Editor edit = b10.edit();
            edit.putString(this.f30848g, encodeToString);
            edit.commit();
        }
    }

    public final byte[] b(Context context, byte[] bArr) {
        lc.m.f(context, "context");
        lc.m.f(bArr, "encrypted");
        if (Build.VERSION.SDK_INT < 23) {
            if (e(context) == null) {
                return null;
            }
            Cipher cipher = Cipher.getInstance(this.f30842a, "BC");
            cipher.init(2, e(context));
            return cipher.doFinal(bArr);
        }
        Key e10 = e(context);
        if (e10 == null) {
            return null;
        }
        Cipher cipher2 = Cipher.getInstance(this.f30843b);
        cipher2.init(2, e10, new GCMParameterSpec(128, this.f30849h));
        return cipher2.doFinal(bArr);
    }

    public final String c(Context context, byte[] bArr) {
        lc.m.f(context, "context");
        lc.m.f(bArr, "input");
        if (Build.VERSION.SDK_INT >= 23) {
            Key e10 = e(context);
            if (e10 == null) {
                return null;
            }
            Cipher cipher = Cipher.getInstance(this.f30843b);
            cipher.init(1, e10, new GCMParameterSpec(128, this.f30849h));
            return Base64.encodeToString(cipher.doFinal(bArr), 0);
        }
        Key e11 = e(context);
        if (e11 == null) {
            return null;
        }
        Cipher cipher2 = Cipher.getInstance(this.f30842a, "BC");
        cipher2.init(1, e11);
        return Base64.encodeToString(cipher2.doFinal(bArr), 0);
    }

    public final Key e(Context context) {
        lc.m.f(context, "context");
        if (Build.VERSION.SDK_INT >= 23) {
            KeyStore keyStore = this.f30846e;
            if (keyStore != null) {
                return keyStore.getKey(this.f30845d, null);
            }
            return null;
        }
        byte[] decode = Base64.decode(androidx.preference.k.b(context).getString(this.f30848g, null), 0);
        lc.m.e(decode, "encryptedKey");
        byte[] f10 = f(decode);
        if (f10 != null) {
            return new SecretKeySpec(f10, "AES");
        }
        return null;
    }

    public final byte[] f(byte[] bArr) {
        byte[] S;
        lc.m.f(bArr, "encrypted");
        KeyStore keyStore = this.f30846e;
        if (keyStore == null) {
            return null;
        }
        KeyStore.Entry entry = keyStore.getEntry(this.f30845d, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(this.f30847f, "AndroidOpenSSL");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                Object[] array = arrayList.toArray(new Byte[0]);
                Objects.requireNonNull(array, "null cannot be cast to non-null type kotlin.Array<T of kotlin.collections.ArraysKt__ArraysJVMKt.toTypedArray>");
                S = o.S((Byte[]) array);
                return S;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
    }

    public final byte[] g(byte[] bArr) {
        lc.m.f(bArr, "secret");
        KeyStore keyStore = this.f30846e;
        if (keyStore == null) {
            return null;
        }
        KeyStore.Entry entry = keyStore.getEntry(this.f30845d, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(this.f30847f, "AndroidOpenSSL");
        cipher.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }
}
