package com.bmc.myit.util;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.RequiresApi;
import android.util.Base64;
import com.bmc.myit.MyitApplication;
import com.google.android.gms.gcm.GoogleCloudMessaging;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes37.dex */
public class KeyStoreManager {
    private static final String AES_GCM_MODE = "AES/GCM/NoPadding";
    private static final int AUTH_TAG_BIT_LENGTH = 128;
    private static final String FIXED_IV = "KSInitVector";
    private static final String KEYSTORE = "AndroidKeyStore";
    private static final String RSA_ALGORITHM = "RSA";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String TAG = KeyStoreManager.class.getSimpleName();
    private static KeyStore mKeyStore;

    private KeyStoreManager() {
    }

    public static String decrypt(String str, String str2) {
        if ("".equals(str) || "".equals(str2)) {
            return "";
        }
        initKeyStore();
        if (Build.VERSION.SDK_INT >= 23) {
            byte[] bArr = null;
            try {
                Cipher cipher = Cipher.getInstance(AES_GCM_MODE);
                cipher.init(2, getSecretKey(str), new GCMParameterSpec(128, FIXED_IV.getBytes()));
                bArr = cipher.doFinal(Base64.decode(str2, 0));
            } catch (GeneralSecurityException e) {
                LogUtils.d(TAG, "GeneralSecurityException during decryption, message = " + e.getMessage());
            } catch (Exception e2) {
                LogUtils.d(TAG, "Exception during decryption, message = " + e2.getMessage());
            }
            return bArr != null ? new String(bArr, StandardCharsets.UTF_8) : "";
        }
        Cipher cipher2 = null;
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) mKeyStore.getEntry(str, null);
            cipher2 = Cipher.getInstance(RSA_MODE);
            cipher2.init(2, privateKeyEntry.getPrivateKey());
        } catch (GeneralSecurityException e3) {
            LogUtils.d(TAG, "GeneralSecurityException during decryption, message = " + e3.getMessage());
        }
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str2, 0)), cipher2);
        ArrayList arrayList = new ArrayList();
        while (true) {
            try {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            } catch (IOException e4) {
                LogUtils.d(TAG, "IOException during decryption, message = " + e4.getMessage());
            }
        }
        byte[] bArr2 = new byte[arrayList.size()];
        for (int i = 0; i < bArr2.length; i++) {
            bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        return new String(bArr2);
    }

    public static String encrypt(String str, String str2) {
        if ("".equals(str) || "".equals(str2)) {
            return "";
        }
        initKeyStore();
        if (Build.VERSION.SDK_INT >= 23) {
            byte[] bArr = null;
            try {
                Cipher cipher = Cipher.getInstance(AES_GCM_MODE);
                cipher.init(1, getSecretKey(str), new GCMParameterSpec(128, FIXED_IV.getBytes()));
                bArr = cipher.doFinal(str2.getBytes(StandardCharsets.UTF_8));
            } catch (GeneralSecurityException e) {
                LogUtils.d(TAG, "GeneralSecurityException: during encryption, message = " + e.getMessage());
            } catch (Exception e2) {
                LogUtils.d(TAG, "Exception: during encryption, message = " + e2.getMessage());
            }
            return Base64.encodeToString(bArr, 0);
        }
        try {
            generateKeyPair(str);
        } catch (GeneralSecurityException e3) {
            LogUtils.d(TAG, "GeneralSecurityException during encryption, message = " + e3.getMessage());
        }
        Cipher cipher2 = null;
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) mKeyStore.getEntry(str, null);
            cipher2 = Cipher.getInstance(RSA_MODE);
            cipher2.init(1, privateKeyEntry.getCertificate().getPublicKey());
        } catch (GeneralSecurityException e4) {
            LogUtils.d(TAG, "GeneralSecurityException during encryption, message = " + e4.getMessage());
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher2);
        try {
            cipherOutputStream.write(str2.getBytes(StandardCharsets.UTF_8));
            cipherOutputStream.close();
        } catch (IOException e5) {
            LogUtils.d(TAG, "IOException during encryption, message = " + e5.getMessage());
        }
        return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
    }

    private static void generateKeyPair(String str) throws GeneralSecurityException {
        if (mKeyStore.containsAlias(str)) {
            LogUtils.d(TAG, "KeyPair already exists for alias = " + str);
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 1);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(MyitApplication.getInstance().getApplicationContext()).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM, KEYSTORE);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    @RequiresApi(api = 23)
    private static SecretKey getSecretKey(String str) throws Exception {
        if (mKeyStore.containsAlias(str)) {
            return (SecretKey) mKeyStore.getKey(str, null);
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", KEYSTORE);
        keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(GoogleCloudMessaging.INSTANCE_ID_SCOPE).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        return keyGenerator.generateKey();
    }

    private static void initKeyStore() {
        if (mKeyStore == null) {
            try {
                mKeyStore = KeyStore.getInstance(KEYSTORE);
            } catch (KeyStoreException e) {
                LogUtils.d(TAG, "KeyStore instantiation error, message = " + e.getMessage());
            }
            try {
                mKeyStore.load(null);
            } catch (Exception e2) {
                LogUtils.d(TAG, "KeyStore loading error, message = " + e2.getMessage());
            }
        }
    }
}
