package com.thz.keystorehelper;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class KeystoreHelper {
    private static final String ALGORITHM = "RSA";
    public static final String CHARSET = "UTF-8";
    private static final String CIPHER_PROVIDER = "AndroidOpenSSL";
    private static final String CIPHER_TYPE = "RSA/ECB/PKCS1Padding";
    private static final String KEYSTORE = "AndroidKeyStore";
    private static final String PRINCIPLE = "CN=ABC, O=Android Authority";
    private Context context;
    private KeyStore keyStore;

    public KeystoreHelper(Context context) throws KeyStoreException, NoSuchAlgorithmException, IOException, CertificateException {
        this.context = context;
        initKeystore();
    }

    private void initKeystore() throws KeyStoreException, NoSuchAlgorithmException, IOException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE);
        this.keyStore = keyStore;
        keyStore.load(null);
    }

    public void createKeys(Context context, String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException {
        if (this.keyStore.containsAlias(str)) {
            return;
        }
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 100);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM, KEYSTORE);
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 2).setCertificateSubject(new X500Principal("CN=" + str)).setDigests("SHA-256").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.valueOf(1337L)).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).build());
        keyPairGenerator.generateKeyPair();
    }

    public String decryptString(String str, String str2) throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore.getEntry(str, null);
        Cipher cipher = getCipher();
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str2, 0)), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (int i = 0; i < size; i++) {
            bArr[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        return new String(bArr, 0, size, "UTF-8");
    }

    public void decryptStringAsync(String str, String str2, EncryptionDecryptionListener encryptionDecryptionListener) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException, UnrecoverableEntryException, KeyStoreException, InvalidAlgorithmParameterException {
        try {
            new TasksRepo(this).executeDecryptionTask(str2, str, encryptionDecryptionListener);
        } catch (CertificateException e) {
            e.printStackTrace();
        }
    }

    public String encryptString(String str, String str2) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException, UnrecoverableEntryException, KeyStoreException, InvalidAlgorithmParameterException {
        createKeys(this.context, str);
        RSAPublicKey rSAPublicKey = (RSAPublicKey) ((KeyStore.PrivateKeyEntry) this.keyStore.getEntry(str, null)).getCertificate().getPublicKey();
        Cipher cipher = getCipher();
        cipher.init(1, rSAPublicKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(str2.getBytes("UTF-8"));
        cipherOutputStream.close();
        return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
    }

    public void encryptStringAsync(String str, String str2, EncryptionDecryptionListener encryptionDecryptionListener) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException, UnrecoverableEntryException, KeyStoreException, InvalidAlgorithmParameterException {
        try {
            new TasksRepo(this).executeEncryptionTask(str2, str, encryptionDecryptionListener);
        } catch (CertificateException e) {
            e.printStackTrace();
        }
    }

    public Cipher getCipher() {
        try {
            return Cipher.getInstance(CIPHER_TYPE, "AndroidKeyStoreBCWorkaround");
        } catch (Exception e) {
            throw new RuntimeException("getCipher: Failed to get an instance of Cipher", e);
        }
    }
}
