package com.zj.swtxgl.security;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class KeyStoreHelper {
    private static final String AES_MODE = "AES/GCM/NoPadding";
    private static final String KEYSTORE_ALIAS = "KEYSTORE_DEMO";
    private static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String TAG = "KEYSTORE";
    private KeyStore keyStore;
    private SharedPreferencesHelper prefsHelper;

    public KeyStoreHelper(Context context, SharedPreferencesHelper sharedPreferencesHelper) {
        try {
            this.prefsHelper = sharedPreferencesHelper;
            this.keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
            this.keyStore.load(null);
            if (this.keyStore.containsAlias(KEYSTORE_ALIAS)) {
                return;
            }
            this.prefsHelper.setIV("");
            genKeyStoreKey(context);
            genAESKey();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private String decryptAES(String str) throws Exception {
        byte[] decode = Base64.decode(str.getBytes(), 0);
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(2, getAESKey(), new IvParameterSpec(getIV()));
        return new String(cipher.doFinal(decode));
    }

    private byte[] decryptRSA(String str) throws Exception {
        PrivateKey privateKey = (PrivateKey) this.keyStore.getKey(KEYSTORE_ALIAS, null);
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(2, privateKey);
        return cipher.doFinal(Base64.decode(str, 0));
    }

    private String encryptAES(String str) throws Exception {
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(1, getAESKey(), new IvParameterSpec(getIV()));
        return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
    }

    private String encryptRSA(byte[] bArr) throws Exception {
        PublicKey publicKey = this.keyStore.getCertificate(KEYSTORE_ALIAS).getPublicKey();
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(bArr), 0);
    }

    private void genAESKey() throws Exception {
        byte[] bArr = new byte[16];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextBytes(bArr);
        this.prefsHelper.setIV(Base64.encodeToString(secureRandom.generateSeed(12), 0));
        this.prefsHelper.setAESKey(encryptRSA(bArr));
    }

    private void genKeyStoreKey(Context context) throws Exception {
        if (Build.VERSION.SDK_INT >= 23) {
            generateRSAKey_AboveApi23();
        } else {
            generateRSAKey_BelowApi23(context);
        }
    }

    private void generateRSAKey_AboveApi23() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(KEYSTORE_ALIAS, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build());
        keyPairGenerator.generateKeyPair();
    }

    private void generateRSAKey_BelowApi23(Context context) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(KEYSTORE_ALIAS).setSubject(new X500Principal("CN=KEYSTORE_DEMO")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private SecretKeySpec getAESKey() throws Exception {
        return new SecretKeySpec(decryptRSA(this.prefsHelper.getAESKey()), AES_MODE);
    }

    private byte[] getIV() {
        return Base64.decode(this.prefsHelper.getIV(), 0);
    }

    public String decrypt(String str) {
        try {
            return decryptAES(str);
        } catch (Exception e) {
            Log.d(TAG, Log.getStackTraceString(e));
            return "";
        }
    }

    public String encrypt(String str) {
        try {
            return encryptAES(str);
        } catch (Exception e) {
            Log.d(TAG, Log.getStackTraceString(e));
            return "";
        }
    }
}
