package com.monect.utilities;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.s;

/* compiled from: KeystoreCipher.kt */
/* loaded from: classes.dex */
public final class d {
    private final String a;
    private final String b;
    private final String c;

    /* renamed from: d, reason: collision with root package name */
    private final String f8202d;

    /* renamed from: e, reason: collision with root package name */
    private KeyStore f8203e;

    /* renamed from: f, reason: collision with root package name */
    private final String f8204f;

    /* renamed from: g, reason: collision with root package name */
    private final String f8205g;

    /* renamed from: h, reason: collision with root package name */
    private final byte[] f8206h;

    public d(Context context) {
        kotlin.z.d.i.e(context, "context");
        this.a = "AES/ECB/PKCS7Padding";
        this.b = "AES/GCM/NoPadding";
        this.c = "AndroidKeyStore";
        this.f8202d = "com.monect.rsakey";
        this.f8204f = "RSA/ECB/PKCS1Padding";
        this.f8205g = "AES_ENCRYPTED_KEY";
        int i2 = 4 ^ 2;
        int i3 = 3 >> 5;
        this.f8206h = new byte[]{11, (byte) 196, 1, (byte) 187, 103, (byte) 222, 51, (byte) 207, (byte) 204, 8, 15, (byte) 188};
        a(context);
        if (Build.VERSION.SDK_INT < 23) {
            d(context);
        }
    }

    private final void a(Context context) {
        KeyStore keyStore = KeyStore.getInstance(this.c);
        keyStore.load(null);
        if (!keyStore.containsAlias(this.f8202d)) {
            if (Build.VERSION.SDK_INT >= 23) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", this.c);
                int i2 = 5 | 4;
                keyGenerator.init(new KeyGenParameterSpec.Builder(this.f8202d, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
                keyGenerator.generateKey();
            } else {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 30);
                KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias(this.f8202d).setSubject(new X500Principal("CN=" + this.f8202d)).setSerialNumber(BigInteger.TEN);
                kotlin.z.d.i.d(calendar, "start");
                KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
                kotlin.z.d.i.d(calendar2, "end");
                KeyPairGeneratorSpec build = startDate.setEndDate(calendar2.getTime()).build();
                kotlin.z.d.i.d(build, "KeyPairGeneratorSpec.Bui…                 .build()");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", this.c);
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            }
        }
        s sVar = s.a;
        this.f8203e = keyStore;
    }

    private final void d(Context context) {
        SharedPreferences b = androidx.preference.j.b(context);
        if (b.getString(this.f8205g, null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            int i2 = 4 << 3;
            String encodeToString = Base64.encodeToString(g(bArr), 0);
            SharedPreferences.Editor edit = b.edit();
            edit.putString(this.f8205g, encodeToString);
            edit.commit();
        }
    }

    public final byte[] b(Context context, byte[] bArr) {
        kotlin.z.d.i.e(context, "context");
        int i2 = 3 | 1;
        kotlin.z.d.i.e(bArr, "encrypted");
        byte[] bArr2 = null;
        int i3 = 5 & 0;
        if (Build.VERSION.SDK_INT >= 23) {
            Key e2 = e(context);
            if (e2 != null) {
                Cipher cipher = Cipher.getInstance(this.b);
                int i4 = 2 & 7;
                cipher.init(2, e2, new GCMParameterSpec(128, this.f8206h));
                bArr2 = cipher.doFinal(bArr);
            }
        } else if (e(context) != null) {
            Cipher cipher2 = Cipher.getInstance(this.a, "BC");
            cipher2.init(2, e(context));
            bArr2 = cipher2.doFinal(bArr);
        }
        return bArr2;
    }

    public final String c(Context context, byte[] bArr) {
        kotlin.z.d.i.e(context, "context");
        kotlin.z.d.i.e(bArr, "input");
        String str = null;
        int i2 = 0 << 0;
        if (Build.VERSION.SDK_INT >= 23) {
            Key e2 = e(context);
            if (e2 != null) {
                Cipher cipher = Cipher.getInstance(this.b);
                cipher.init(1, e2, new GCMParameterSpec(128, this.f8206h));
                str = Base64.encodeToString(cipher.doFinal(bArr), 0);
            }
        } else {
            Key e3 = e(context);
            if (e3 != null) {
                Cipher cipher2 = Cipher.getInstance(this.a, "BC");
                cipher2.init(1, e3);
                str = Base64.encodeToString(cipher2.doFinal(bArr), 0);
            }
        }
        return str;
    }

    public final Key e(Context context) {
        kotlin.z.d.i.e(context, "context");
        if (Build.VERSION.SDK_INT >= 23) {
            KeyStore keyStore = this.f8203e;
            if (keyStore == null) {
                return null;
            }
            int i2 = 1 << 6;
            return keyStore.getKey(this.f8202d, null);
        }
        byte[] decode = Base64.decode(androidx.preference.j.b(context).getString(this.f8205g, null), 0);
        kotlin.z.d.i.d(decode, "encryptedKey");
        byte[] f2 = f(decode);
        if (f2 != null) {
            return new SecretKeySpec(f2, "AES");
        }
        return null;
    }

    public final byte[] f(byte[] bArr) {
        kotlin.z.d.i.e(bArr, "encrypted");
        KeyStore keyStore = this.f8203e;
        byte[] bArr2 = null;
        if (keyStore != null) {
            KeyStore.Entry entry = keyStore.getEntry(this.f8202d, null);
            Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            Cipher cipher = Cipher.getInstance(this.f8204f, "AndroidOpenSSL");
            cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
            int i2 = 3 << 3;
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int i3 = 6 & 2;
            Object[] array = arrayList.toArray(new Byte[0]);
            Objects.requireNonNull(array, "null cannot be cast to non-null type kotlin.Array<T>");
            bArr2 = kotlin.u.h.x((Byte[]) array);
        }
        return bArr2;
    }

    public final byte[] g(byte[] bArr) {
        kotlin.z.d.i.e(bArr, "secret");
        KeyStore keyStore = this.f8203e;
        byte[] bArr2 = null;
        if (keyStore != null) {
            KeyStore.Entry entry = keyStore.getEntry(this.f8202d, null);
            Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            Cipher cipher = Cipher.getInstance(this.f8204f, "AndroidOpenSSL");
            Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
            kotlin.z.d.i.d(certificate, "privateKeyEntry.certificate");
            cipher.init(1, certificate.getPublicKey());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(bArr);
            cipherOutputStream.close();
            bArr2 = byteArrayOutputStream.toByteArray();
        }
        return bArr2;
    }
}
