package com.huawei.secure.android.common.a.c.b;

import android.annotation.TargetApi;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* loaded from: classes.dex */
public class a {
    private static final String a = "RSAEncryptKS";
    private static final String b = "AndroidKeyStore";
    private static final String c = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    private static final String d = "";
    private static final int e = 2048;

    public static String a(String str, String str2) {
        String encodeToString;
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            Log.e(a, "alias or content is null");
            return "";
        }
        if (!a()) {
            Log.e(a, "sdk version is too low");
            return "";
        }
        try {
            PublicKey b2 = b(str);
            if (b2 == null) {
                Log.e(a, "Public key is null");
                encodeToString = "";
            } else {
                Cipher cipher = Cipher.getInstance(c);
                cipher.init(1, b2, new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT));
                encodeToString = Base64.encodeToString(cipher.doFinal(str2.getBytes()), 0);
            }
            return encodeToString;
        } catch (GeneralSecurityException e2) {
            Log.e(a, "RSA encrypt exception : " + e2.getMessage());
            return "";
        }
    }

    @TargetApi(23)
    private static KeyPair a(String str) {
        try {
            Log.i(a, "generate key pair.");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", b);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 2).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("OAEPPadding").setKeySize(2048).build());
            return keyPairGenerator.generateKeyPair();
        } catch (GeneralSecurityException e2) {
            Log.e(a, "generateKeyPair exception: " + e2.getMessage());
            return null;
        }
    }

    private static boolean a() {
        return Build.VERSION.SDK_INT >= 23;
    }

    public static String b(String str, String str2) {
        String str3;
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            Log.e(a, "alias or encrypted content is null");
            return "";
        }
        if (!a()) {
            Log.e(a, "sdk version is too low");
            return "";
        }
        try {
            PrivateKey d2 = d(str);
            if (d2 == null) {
                Log.e(a, "Private key is null");
                str3 = "";
            } else {
                Cipher cipher = Cipher.getInstance(c);
                cipher.init(2, d2, new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT));
                str3 = new String(cipher.doFinal(Base64.decode(str2, 0)), "UTF-8");
            }
            return str3;
        } catch (UnsupportedEncodingException | GeneralSecurityException e2) {
            Log.e(a, "RSA decrypt exception : " + e2.getMessage());
            return "";
        }
    }

    private static PublicKey b(String str) {
        Certificate c2 = c(str);
        if (c2 == null) {
            a(str);
            c2 = c(str);
        }
        if (c2 != null) {
            return c2.getPublicKey();
        }
        return null;
    }

    private static Certificate c(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(b);
            keyStore.load(null);
            return keyStore.getCertificate(str);
        } catch (IOException | GeneralSecurityException e2) {
            Log.e(a, "load public key exception : " + e2.getMessage());
            return null;
        }
    }

    private static PrivateKey d(String str) {
        if (c(str) == null) {
            a(str);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(b);
            keyStore.load(null);
            return (PrivateKey) keyStore.getKey(str, null);
        } catch (IOException | GeneralSecurityException e2) {
            Log.e(a, "get private key exception : " + e2.getMessage());
            return null;
        }
    }
}
