package com.quvii.qvlib.util;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.text.TextUtils;
import androidx.annotation.Nullable;
import androidx.exifinterface.media.ExifInterface;
import com.quvii.qvlib.base.QvBaseApp;
import com.quvii.qvlib.common.QvLibConfig;
import com.quvii.qvlib.helper.QvSpHelper;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes5.dex */
public class QvEncryptKeyStoreUtil {
    private static final String AES = "AES";
    private static final int AES_TYPE = 128;
    public static final String CHARSET = "utf-8";
    private static String CIPHER_ALGORITHM = "AES/ECB/PKCS7Padding";
    private static final String KEY_ALGORITHM = "AES";
    private static final String KEY_STONE_NAME = "key";
    private static final String KEY_STONE_NAME_NEW = "key2";
    private static final String SHA1PRNG = "SHA1PRNG";
    private static final ThreadLocal<Cipher> decodeCipherThreadLocal;
    private static final ThreadLocal<Cipher> encodeCipherThreadLocal;
    private static final ThreadLocal<Cipher> encodeLogCipherThreadLocal;
    private static boolean isSupportP;
    private static IvParameterSpec ivParameterSpec;
    private static KeyStore keyStore;
    private static KeyStore.PrivateKeyEntry privateKeyEntry;
    private static SecretKeySpec secretKeySpec;
    private static byte[] temp;

    /* loaded from: classes5.dex */
    public static class CryptoProvider extends Provider {
        public CryptoProvider() {
            super("Crypto", 1.0d, "HARMONY (SHA1 digest; SecureRandom; SHA1withDSA signature)");
            put("SecureRandom.SHA1PRNG", "org.apache.harmony.security.provider.crypto.SHA1PRNG_SecureRandomImpl");
            put("SecureRandom.SHA1PRNG ImplementedIn", ExifInterface.TAG_SOFTWARE);
        }
    }

    static {
        isSupportP = Build.VERSION.SDK_INT >= 28;
        encodeCipherThreadLocal = new ThreadLocal<Cipher>() { // from class: com.quvii.qvlib.util.QvEncryptKeyStoreUtil.1
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // java.lang.ThreadLocal
            @Nullable
            public Cipher initialValue() {
                LogUtil.i("init en value");
                return QvEncryptKeyStoreUtil.access$000();
            }
        };
        encodeLogCipherThreadLocal = new ThreadLocal<Cipher>() { // from class: com.quvii.qvlib.util.QvEncryptKeyStoreUtil.2
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // java.lang.ThreadLocal
            @Nullable
            public Cipher initialValue() {
                LogUtil.i("init en log value");
                return QvEncryptKeyStoreUtil.access$100();
            }
        };
        decodeCipherThreadLocal = new ThreadLocal<Cipher>() { // from class: com.quvii.qvlib.util.QvEncryptKeyStoreUtil.3
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // java.lang.ThreadLocal
            @Nullable
            public Cipher initialValue() {
                LogUtil.i("init de value");
                return QvEncryptKeyStoreUtil.access$200();
            }
        };
    }

    public static String RsaEncrypt(String str) throws Exception {
        RSAPublicKey rSAPublicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(QvBase64.decode("MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaEp8bdq/s2BAQv7nK41a8E9ALeirPAKa2en8X60qtQRWFeiDYWhURRlyxoU8VHGuZSvAvT/CHfnE8jKsMJkVrkcjV1ayT34iTW8RAXjoGKXWCv4cevGlUB0D2rskgeSkOJMZVksCyNAO12apDfcg0xbFlLb+Su3n0zYKLsNt2EwIDAQAB")));
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, rSAPublicKey);
        return QvBase64.encode(cipher.doFinal(str.getBytes("utf-8")));
    }

    static /* synthetic */ Cipher access$000() {
        return createAesEncodeCipher();
    }

    static /* synthetic */ Cipher access$100() {
        return createAesEncodeLogCipher();
    }

    static /* synthetic */ Cipher access$200() {
        return createAesDecodeCipher();
    }

    private static void checkNewKey() {
        KeyStore.PrivateKeyEntry privateKeyEntry2;
        String oldLocalAesKey = QvSpHelper.getInstance().getOldLocalAesKey();
        if (TextUtils.isEmpty(oldLocalAesKey) || oldLocalAesKey.equals("0")) {
            return;
        }
        LogUtil.i("checkNewKey start");
        KeyStore keyStore2 = keyStore;
        if (keyStore2 == null) {
            LogUtil.e("keyStore is null");
            return;
        }
        String str = null;
        if (isSupportP) {
            privateKeyEntry2 = null;
        } else {
            try {
                privateKeyEntry2 = (KeyStore.PrivateKeyEntry) keyStore2.getEntry(KEY_STONE_NAME, null);
            } catch (Exception e3) {
                LogUtil.printStackTrace(e3);
                privateKeyEntry2 = null;
            }
            if (privateKeyEntry2 == null) {
                LogUtil.e("oldPrivateKeyEntry is null");
                return;
            }
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            if (isSupportP) {
                cipher.init(2, keyStore.getKey(KEY_STONE_NAME, null));
            } else {
                cipher.init(2, privateKeyEntry2.getPrivateKey());
            }
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(QvBase64.decode(oldLocalAesKey)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                } else {
                    arrayList.add(Byte.valueOf((byte) read));
                }
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i2 = 0; i2 < size; i2++) {
                bArr[i2] = ((Byte) arrayList.get(i2)).byteValue();
            }
            str = new String(bArr, 0, size, "utf-8");
        } catch (Exception e4) {
            LogUtil.printStackTrace(e4);
        }
        if (str == null) {
            LogUtil.e("decryptStr is null");
            return;
        }
        QvSpHelper.getInstance().setLocalAesKey(encryptWithRsa(str));
        QvSpHelper.getInstance().setOldLocalAesKey("");
        LogUtil.i("checkNewKey end");
    }

    private static Cipher createAesDecodeCipher() {
        if (ivParameterSpec == null || !CIPHER_ALGORITHM.contains("CBC")) {
            if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
                LogUtil.i("init aes key no cbc");
            }
            try {
                Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
                cipher.init(2, secretKeySpec);
                return cipher;
            } catch (Exception e3) {
                LogUtil.printStackTrace(e3);
                return null;
            }
        }
        if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
            LogUtil.i("init aes key cbc");
        }
        try {
            Cipher cipher2 = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher2.init(2, secretKeySpec, ivParameterSpec);
            return cipher2;
        } catch (Exception e4) {
            LogUtil.printStackTrace(e4);
            return null;
        }
    }

    private static Cipher createAesEncodeCipher() {
        if (ivParameterSpec == null || !CIPHER_ALGORITHM.contains("CBC")) {
            if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
                LogUtil.i("init aes key no cbc");
            }
            try {
                Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
                cipher.init(1, secretKeySpec);
                return cipher;
            } catch (Exception e3) {
                LogUtil.printStackTrace(e3);
                return null;
            }
        }
        if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
            LogUtil.i("init aes key cbc");
        }
        try {
            Cipher cipher2 = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher2.init(1, secretKeySpec, ivParameterSpec);
            return cipher2;
        } catch (Exception e4) {
            LogUtil.printStackTrace(e4);
            return null;
        }
    }

    private static Cipher createAesEncodeLogCipher() {
        if (ivParameterSpec == null || !CIPHER_ALGORITHM.contains("CBC")) {
            if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
                LogUtil.i("init aes key no cbc");
            }
            try {
                Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
                cipher.init(1, secretKeySpec);
                return cipher;
            } catch (Exception e3) {
                LogUtil.printStackTrace(e3);
                return null;
            }
        }
        if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
            LogUtil.i("init aes key cbc");
        }
        try {
            Cipher cipher2 = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher2.init(1, secretKeySpec, ivParameterSpec);
            return cipher2;
        } catch (Exception e4) {
            LogUtil.printStackTrace(e4);
            return null;
        }
    }

    private static byte[] createAesKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            int i2 = Build.VERSION.SDK_INT;
            keyGenerator.init(128, i2 >= 28 ? SecureRandom.getInstance(SHA1PRNG) : i2 > 23 ? SecureRandom.getInstance(SHA1PRNG, new CryptoProvider()) : SecureRandom.getInstance(SHA1PRNG, "Crypto"));
            return keyGenerator.generateKey().getEncoded();
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            return null;
        }
    }

    private static void createNewKeys(String str) {
        if ("".equals(str)) {
            return;
        }
        try {
            if (keyStore.containsAlias(str)) {
                return;
            }
            LogUtil.i("create key store");
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(QvBaseApp.getInstance()).setAlias(str).setSubject(new X500Principal("CN=Sample Name, O=Android Authority")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
        }
    }

    public static String decodeWithAes(String str) throws NullPointerException {
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        if (str.length() % 32 != 0) {
            LogUtil.i("string size error : " + str.length());
            return str;
        }
        Cipher cipher = decodeCipherThreadLocal.get();
        if (cipher == null) {
            LogUtil.i("de not init");
            return str;
        }
        try {
            return new String(cipher.doFinal(QvDataUtil.hextoBytes(str)), "utf-8");
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            resetCipher(cipher, false);
            return str;
        }
    }

    public static String decodeWithAesEx(String str) throws NullPointerException {
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        Cipher cipher = decodeCipherThreadLocal.get();
        if (cipher == null) {
            LogUtil.i("de not init");
            return str;
        }
        try {
            return new String(cipher.doFinal(QvBase64.decode(str)), "utf-8");
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            resetCipher(cipher, false);
            return str;
        }
    }

    public static String decryptWithRsa(String str) {
        if (TextUtils.isEmpty(str)) {
            return str;
        }
        boolean z2 = isSupportP;
        if (!z2 && privateKeyEntry == null) {
            return str;
        }
        if (z2 && keyStore == null) {
            return str;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            if (isSupportP) {
                cipher.init(2, keyStore.getKey(KEY_STONE_NAME_NEW, null));
            } else {
                cipher.init(2, privateKeyEntry.getPrivateKey());
            }
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(QvBase64.decode(str)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i2 = 0; i2 < size; i2++) {
                bArr[i2] = ((Byte) arrayList.get(i2)).byteValue();
            }
            return new String(bArr, 0, size, "utf-8");
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            return str;
        }
    }

    public static String encodeWithAes(String str) throws NullPointerException {
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        Cipher cipher = encodeCipherThreadLocal.get();
        if (cipher == null) {
            LogUtil.i("en not init");
            return str;
        }
        try {
            return QvDataUtil.bytesToHex(cipher.doFinal(str.getBytes("utf-8")));
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            resetCipher(cipher, true);
            return str;
        }
    }

    public static String encodeWithAesEx(String str) throws NullPointerException {
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        Cipher cipher = encodeCipherThreadLocal.get();
        if (cipher == null) {
            LogUtil.i("en not init");
            return str;
        }
        try {
            return QvBase64.encode(cipher.doFinal(str.getBytes("utf-8")));
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            resetCipher(cipher, true);
            return str;
        }
    }

    public static String encodeWithAesLog(String str) throws NullPointerException {
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        Cipher cipher = encodeLogCipherThreadLocal.get();
        if (cipher == null) {
            LogUtil.i("en log not init");
            return str;
        }
        try {
            return QvBase64.encode(cipher.doFinal(str.getBytes("utf-8")));
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            resetCipher(cipher, true);
            return str;
        }
    }

    public static String encryptWithRsa(String str) {
        if (TextUtils.isEmpty(str)) {
            LogUtil.i("content is empty");
            return str;
        }
        boolean z2 = isSupportP;
        if (!z2 && privateKeyEntry == null) {
            LogUtil.i("encrypt null");
            return str;
        }
        if (z2 && keyStore == null) {
            LogUtil.i("encrypt null");
            return str;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            if (isSupportP) {
                cipher.init(1, keyStore.getCertificate(KEY_STONE_NAME_NEW).getPublicKey());
            } else {
                cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes("UTF-8"));
            cipherOutputStream.close();
            return QvBase64.encode(byteArrayOutputStream.toByteArray());
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
            return str;
        }
    }

    public static byte[] get() {
        return temp;
    }

    public static String getCipherAlgorithm() {
        return CIPHER_ALGORITHM;
    }

    private static void initAesKey() {
        LogUtil.i("init aes key");
        if (QvSpHelper.getInstance().getLocalAesKey().equals("0") || TextUtils.isEmpty(QvSpHelper.getInstance().getLocalAesKey())) {
            byte[] createAesKey = createAesKey();
            if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
                LogUtil.i("set aes key:" + Arrays.toString(createAesKey));
            }
            QvSpHelper.getInstance().setLocalAesKey(encryptWithRsa(QvBase64.encode(createAesKey)));
        }
        temp = QvBase64.decode(decryptWithRsa(QvSpHelper.getInstance().getLocalAesKey()));
        if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
            LogUtil.i("get aes key:" + Arrays.toString(temp));
        }
        secretKeySpec = new SecretKeySpec(temp, "AES");
    }

    private static void initKey() {
        try {
            initAesKey();
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
        }
    }

    public static void initKeyStore() {
        try {
            KeyStore keyStore2 = KeyStore.getInstance("AndroidKeyStore");
            keyStore = keyStore2;
            keyStore2.load(null);
        } catch (Exception e3) {
            LogUtil.printStackTrace(e3);
        }
        int i2 = Build.VERSION.SDK_INT;
        createNewKeys(KEY_STONE_NAME_NEW);
        if (i2 < 28) {
            try {
                privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_STONE_NAME_NEW, null);
                if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
                    LogUtil.i("init aes key" + privateKeyEntry.toString());
                }
            } catch (Exception e4) {
                LogUtil.printStackTrace(e4);
            }
        }
        checkNewKey();
        initKey();
    }

    public static void initKeyStore(String str, String str2, IvParameterSpec ivParameterSpec2) {
        if (!TextUtils.isEmpty(str2)) {
            QvSpHelper.getInstance().setOldLocalAesKey(str2);
        }
        CIPHER_ALGORITHM = str;
        ivParameterSpec = ivParameterSpec2;
        initKeyStore();
    }

    private static void resetCipher(Cipher cipher, boolean z2) {
        if (cipher == null || secretKeySpec == null) {
            if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
                LogUtil.i("reset is null");
                return;
            }
            return;
        }
        if (QvLibConfig.IS_SHOW_ENCRYPT_LOG) {
            LogUtil.i("reset aes");
        }
        if (ivParameterSpec == null || !CIPHER_ALGORITHM.contains("CBC")) {
            try {
                cipher.init(z2 ? 1 : 2, secretKeySpec);
                return;
            } catch (Exception e3) {
                LogUtil.printStackTrace(e3);
                return;
            }
        }
        try {
            cipher.init(z2 ? 1 : 2, secretKeySpec, ivParameterSpec);
        } catch (Exception e4) {
            LogUtil.printStackTrace(e4);
        }
    }
}
