package com.samsung.concierge.util;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.amazonaws.services.s3.internal.crypto.JceEncryptionConstants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class AESUtils {
    private static final byte[] FIXED_IV = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};

    /* loaded from: classes2.dex */
    private static final class AES {
        private final Context mContext;
        private final KeyStore mKeyStore = KeyStore.getInstance("AndroidKeyStore");

        AES(Context context) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            this.mContext = context;
            this.mKeyStore.load(null);
            generateSecretKey(this.mContext, this.mKeyStore);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String decrypt(String str) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            if (Build.VERSION.SDK_INT < 23 || isEncryptedInPreM()) {
                Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC");
                cipher.init(2, getSecretKey(true), new IvParameterSpec(AESUtils.FIXED_IV));
                return new String(cipher.doFinal(Base64.decode(str, 2)));
            }
            Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
            cipher2.init(2, getSecretKey(true), new GCMParameterSpec(128, AESUtils.FIXED_IV));
            return new String(cipher2.doFinal(Base64.decode(str, 2)));
        }

        private void deleteSecretKey() throws KeyStoreException {
            this.mKeyStore.deleteEntry("mySSAuthV2");
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String encrypt(String str) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            if (Build.VERSION.SDK_INT < 23) {
                Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", "BC");
                cipher.init(1, getSecretKey(true), new IvParameterSpec(AESUtils.FIXED_IV));
                return Base64.encodeToString(cipher.doFinal(str.getBytes()), 2);
            }
            if (isEncryptedInPreM()) {
                deleteSecretKey();
                removeEncryptedKey();
                generateSecretKey(this.mContext, this.mKeyStore);
            }
            Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
            cipher2.init(1, getSecretKey(true), new GCMParameterSpec(128, AESUtils.FIXED_IV));
            return Base64.encodeToString(cipher2.doFinal(str.getBytes()), 2);
        }

        private void generateSecretKey(Context context, KeyStore keyStore) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            if (Build.VERSION.SDK_INT >= 23) {
                if (keyStore.containsAlias("mySSAuthV2")) {
                    return;
                }
                KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM, "AndroidKeyStore");
                keyGenerator.init(new KeyGenParameterSpec.Builder("mySSAuthV2", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
                keyGenerator.generateKey();
                return;
            }
            if (!keyStore.containsAlias("mySSAuthV2")) {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 30);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("mySSAuthV2").setSubject(new X500Principal("CN=mySSAuthV2")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            }
            SharedPreferences sharedPreferences = context.getSharedPreferences("SHARED_PREFERENCE_NAME", 0);
            if (sharedPreferences.getString("PREF_ENCRYPTED_KEY", null) == null) {
                byte[] bArr = new byte[16];
                new SecureRandom().nextBytes(bArr);
                String encodeToString = Base64.encodeToString(rsaEncrypt(bArr), 0);
                SharedPreferences.Editor edit = sharedPreferences.edit();
                edit.putString("PREF_ENCRYPTED_KEY", encodeToString);
                edit.apply();
            }
        }

        private Key getSecretKey(boolean z) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            if (Build.VERSION.SDK_INT < 23 || isEncryptedInPreM()) {
                return new SecretKeySpec(rsaDecrypt(Base64.decode(this.mContext.getSharedPreferences("SHARED_PREFERENCE_NAME", 0).getString("PREF_ENCRYPTED_KEY", null), 0)), JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
            }
            try {
                return this.mKeyStore.getKey("mySSAuthV2", null);
            } catch (UnrecoverableKeyException e) {
                if (!z) {
                    throw e;
                }
                this.mKeyStore.deleteEntry("mySSAuthV2");
                return getSecretKey(false);
            }
        }

        private boolean isEncryptedInPreM() {
            return this.mContext.getSharedPreferences("SHARED_PREFERENCE_NAME", 0).getString("PREF_ENCRYPTED_KEY", null) != null;
        }

        private void removeEncryptedKey() {
            this.mContext.getSharedPreferences("SHARED_PREFERENCE_NAME", 0).edit().remove("PREF_ENCRYPTED_KEY").apply();
        }

        private byte[] rsaDecrypt(byte[] bArr) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.mKeyStore.getEntry("mySSAuthV2", null);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            cipher.init(2, privateKeyEntry.getPrivateKey());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            byte[] bArr2 = new byte[arrayList.size()];
            for (int i = 0; i < bArr2.length; i++) {
                bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            return bArr2;
        }

        private byte[] rsaEncrypt(byte[] bArr) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.mKeyStore.getEntry("mySSAuthV2", null);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(bArr);
            cipherOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String voucher_encrypt(String str) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            SecretKeySpec secretKeySpec = new SecretKeySpec("bXlTYW1zdW5nTWVtYmVyc2hpcFRpZXI=".getBytes(), JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding", "BC");
            cipher.init(1, secretKeySpec);
            return Base64.encodeToString(cipher.doFinal(str.getBytes()), 2);
        }
    }

    public static String decrypt(Context context, String str) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        return new AES(context).decrypt(str);
    }

    public static String encrypt(Context context, String str) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        return new AES(context).encrypt(str);
    }

    public static String voucher_encrypt(Context context, String str) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        return new AES(context).voucher_encrypt(str);
    }
}
