package com.realme.iot.common.utils.a;

import android.security.KeyPairGeneratorSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.realme.iot.common.f;
import com.realme.iot.common.utils.aw;
import com.tuya.smart.common.oo0000ooo0;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: AESKeyForBlowApi23.java */
/* loaded from: classes8.dex */
public class a {
    private static volatile Key a;

    a() {
    }

    private static String a(String str, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance(oo0000ooo0.O00000Oo);
        cipher.init(2, privateKey);
        return new String(cipher.doFinal(Base64.decode(str, 2)));
    }

    private static String a(String str, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance(oo0000ooo0.O00000Oo);
        cipher.init(1, publicKey);
        return new String(Base64.encode(cipher.doFinal(str.getBytes()), 2));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key a() {
        if (a == null) {
            synchronized (a.class) {
                if (a == null) {
                    Key b = b();
                    if (b == null) {
                        b = c();
                    }
                    a = b;
                }
            }
        }
        return a;
    }

    private static Key a(byte[] bArr) {
        return new SecretKeySpec(bArr, "AES/GCM/NoPadding");
    }

    private static void a(String str) {
        try {
            KeyStore d = d();
            if (d == null) {
                return;
            }
            if (!d.containsAlias("alias_local_rsa")) {
                e();
            }
            aw.a("KEY_AES_BLOW_23", (Object) a(str, d.getCertificate("alias_local_rsa").getPublicKey()));
        } catch (Exception e) {
            com.realme.iot.common.k.c.g("SecurityUtilsForBlowApi23", "saveAESToSP: " + e.getMessage());
        }
    }

    private static Key b() {
        KeyStore d;
        try {
            String str = (String) aw.b("KEY_AES_BLOW_23", "");
            if (TextUtils.isEmpty(str) || (d = d()) == null) {
                return null;
            }
            return a(d.d(a(str, (PrivateKey) d.getKey("alias_local_rsa", null))));
        } catch (Exception e) {
            com.realme.iot.common.k.c.g("SecurityUtilsForBlowApi23", "tryGetKeyFromSP error: " + e.getMessage());
            return null;
        }
    }

    private static Key c() {
        String a2 = b.a();
        if (TextUtils.isEmpty(a2)) {
            return null;
        }
        a(a2);
        return a(d.d(a2));
    }

    private static KeyStore d() {
        KeyStore keyStore;
        Exception e;
        try {
            keyStore = KeyStore.getInstance("AndroidKeyStore");
        } catch (Exception e2) {
            keyStore = null;
            e = e2;
        }
        try {
            keyStore.load(null);
        } catch (Exception e3) {
            e = e3;
            com.realme.iot.common.k.c.g("SecurityUtilsForBlowApi23", "getKeyStore: " + e.getMessage());
            return keyStore;
        }
        return keyStore;
    }

    private static void e() {
        try {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 100);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(f.f()).setAlias("alias_local_rsa").setSubject(new X500Principal("CN=alias_local_rsa")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            com.realme.iot.common.k.c.g("SecurityUtilsForBlowApi23", "generate rsa key error: " + e.getMessage());
        }
    }
}
