package net.giosis.qlibrary.utils;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;
import net.giosis.qlibrary.biometric.BiometricManagerV23;

/* loaded from: classes2.dex */
public class QKeyStoreManager {
    public static final String ALIAS_FINGERPRINT = "giosis_fingerprint";
    public static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static QKeyStoreManager sInstance;
    private KeyStore mKeyStore;
    private final String ALIAS_GIOSIS = BiometricManagerV23.ALIAS_PERSONAL_INFO;
    private final String ALIAS_GIOSIS_RSA = "giosis_personal_info_rsa";
    public final String ALGORITHM_SPEC_RSA = "RSA/ECB/PKCS1Padding";
    private String ALGORITHM_SPEC_AES = "AES/CBC/PKCS7Padding";

    private QKeyStoreManager() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.mKeyStore = keyStore;
            keyStore.load(null);
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
    }

    private String decryptAES(String str, String str2) {
        try {
            SecretKey secretKey = getSecretKey();
            Cipher cipher = Cipher.getInstance(this.ALGORITHM_SPEC_AES);
            cipher.init(2, secretKey, new IvParameterSpec(Base64.decode(str, 0)));
            return new String(cipher.doFinal(Base64.decode(str2, 0)), "UTF-8");
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    private AuthData encryptAES(String str, long j) throws Exception {
        SecretKey secretKey = getSecretKey();
        Cipher cipher = Cipher.getInstance(this.ALGORITHM_SPEC_AES);
        cipher.init(1, secretKey);
        return new AuthData(new String(Base64.encodeToString(cipher.getIV(), 0)), Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 0), j);
    }

    private AuthData encryptRSA(Context context, String str, long j) throws Exception {
        byte[] bytes = str.getBytes("UTF-8");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, getRsaKeyEntry(context).getCertificate().getPublicKey());
        return new AuthData("", new String(Base64.encode(cipher.doFinal(bytes), 0)), j);
    }

    public static QKeyStoreManager getInstance() {
        if (sInstance == null) {
            sInstance = new QKeyStoreManager();
        }
        return sInstance;
    }

    private KeyStore.PrivateKeyEntry getRsaKeyEntry(Context context) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (!keyStore.containsAlias("giosis_personal_info_rsa")) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 1);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias("giosis_personal_info_rsa").setSubject(new X500Principal("CN=giosis_personal_info_rsa")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
            keyPairGenerator.generateKeyPair();
        }
        return (KeyStore.PrivateKeyEntry) keyStore.getEntry("giosis_personal_info_rsa", null);
    }

    private SecretKey getSecretKey() throws Exception {
        KeyStore keyStore = this.mKeyStore;
        KeyGenerator keyGenerator = null;
        if (keyStore == null) {
            return null;
        }
        SecretKey secretKey = (SecretKey) keyStore.getKey(BiometricManagerV23.ALIAS_PERSONAL_INFO, null);
        if (secretKey != null) {
            return secretKey;
        }
        try {
            keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (NoSuchProviderException e2) {
            e2.printStackTrace();
        }
        try {
            keyGenerator.init(new KeyGenParameterSpec.Builder(BiometricManagerV23.ALIAS_PERSONAL_INFO, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
        } catch (InvalidAlgorithmParameterException e3) {
            e3.printStackTrace();
        }
        return keyGenerator.generateKey();
    }

    public String decryptRSA(Context context, String str) {
        try {
            KeyStore.PrivateKeyEntry rsaKeyEntry = getRsaKeyEntry(context);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, rsaKeyEntry.getPrivateKey());
            return new String(cipher.doFinal(Base64.decode(str.getBytes("UTF-8"), 0)));
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public String decryptWithGiosis(Context context, String str, String str2) {
        try {
            return Build.VERSION.SDK_INT >= 23 ? decryptAES(str, str2) : decryptRSA(context, str2);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public AuthData encryptWithGiosis(Context context, String str, long j) {
        try {
            return Build.VERSION.SDK_INT >= 23 ? encryptAES(str, j) : encryptRSA(context, str, j);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public SecretKey getBiometricKeyStore() throws Exception {
        KeyStore keyStore = this.mKeyStore;
        KeyGenerator keyGenerator = null;
        if (keyStore == null) {
            return null;
        }
        SecretKey secretKey = (SecretKey) keyStore.getKey(ALIAS_FINGERPRINT, null);
        if (secretKey != null) {
            return secretKey;
        }
        try {
            keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (NoSuchProviderException unused) {
            throw new NoSuchProviderException();
        }
        KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(ALIAS_FINGERPRINT, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding");
        if (Build.VERSION.SDK_INT >= 24) {
            encryptionPaddings.setInvalidatedByBiometricEnrollment(true);
        }
        try {
            keyGenerator.init(encryptionPaddings.build());
            return keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException unused2) {
            throw new InvalidAlgorithmParameterException();
        }
    }

    public void removeKey(String str) {
        if (this.mKeyStore != null) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                this.mKeyStore = keyStore;
                keyStore.load(null);
                if (this.mKeyStore.containsAlias(str)) {
                    this.mKeyStore.deleteEntry(str);
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                e.printStackTrace();
            }
        }
    }
}
