package com.nio.lego.lib.core.utils;

import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import com.example.cryptolibrary.AESUtil;
import com.nio.lego.lib.abtest.LgABTestHelper;
import com.nio.lego.lib.core.AppContext;
import com.nio.lego.lib.core.utils.EncryptedKeyUtils;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.GregorianCalendar;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Deprecated;
import kotlin.jvm.JvmStatic;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Charsets;
import kotlin.text.StringsKt__StringsKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

@SourceDebugExtension({"SMAP\nKeyStoreUtils.kt\nKotlin\n*S Kotlin\n*F\n+ 1 KeyStoreUtils.kt\ncom/nio/lego/lib/core/utils/KeyStoreUtils\n+ 2 ArraysJVM.kt\nkotlin/collections/ArraysKt__ArraysJVMKt\n*L\n1#1,431:1\n37#2,2:432\n*S KotlinDebug\n*F\n+ 1 KeyStoreUtils.kt\ncom/nio/lego/lib/core/utils/KeyStoreUtils\n*L\n117#1:432,2\n*E\n"})
/* loaded from: classes6.dex */
public final class KeyStoreUtils {

    @NotNull
    public static final String g = "NioAesKeyAlias";

    @NotNull
    public static final String h = "NioKeyAliasFast";

    @NotNull
    public static final String i = "RSA";

    @NotNull
    public static final String j = "AndroidKeyStore";

    @NotNull
    private static final String k = "]";

    @NotNull
    private static final String l = "AES/CBC/PKCS7Padding";

    @NotNull
    private static final String m = "RSA/ECB/PKCS1Padding";

    @NotNull
    private static final String n = "keystore_utils";

    @NotNull
    private static final String o = "FAST_AES_IV";

    @NotNull
    private static final String p = "FAST_AES_KEY";

    @NotNull
    private static final String q = "FAST_AES_IV2";

    @NotNull
    private static final String r = "FAST_AES_KEY2";

    @NotNull
    private static final String s = "ERROR_RETRY_COUNTER";
    private static final int t = 3;

    /* renamed from: a, reason: collision with root package name */
    private boolean f6514a;

    @Nullable
    private KeyStore b;

    /* renamed from: c, reason: collision with root package name */
    @Nullable
    private SpUtils f6515c;

    @Nullable
    private String d;

    @Nullable
    private String e;

    @NotNull
    public static final Companion f = new Companion(null);

    @NotNull
    private static final ConcurrentHashMap<String, SecretKey> u = new ConcurrentHashMap<>();

    @NotNull
    private static final ConcurrentHashMap<String, KeyStore.PrivateKeyEntry> v = new ConcurrentHashMap<>();

    /* loaded from: classes6.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        @JvmStatic
        @NotNull
        public final KeyStoreUtils a() {
            return KeyStoreUtilsHolder.f6516a.a();
        }
    }

    /* loaded from: classes6.dex */
    public static final class KeyStoreUtilsHolder {

        /* renamed from: a, reason: collision with root package name */
        @NotNull
        public static final KeyStoreUtilsHolder f6516a = new KeyStoreUtilsHolder();

        @NotNull
        private static final KeyStoreUtils b = new KeyStoreUtils(null);

        private KeyStoreUtilsHolder() {
        }

        @NotNull
        public final KeyStoreUtils a() {
            return b;
        }
    }

    private KeyStoreUtils() {
        this.f6514a = LgABTestHelper.k("app-lego", "should_use_encrypted_sp", true);
    }

    public /* synthetic */ KeyStoreUtils(DefaultConstructorMarker defaultConstructorMarker) {
        this();
    }

    @Deprecated(message = "部分小米安卓13机型启动Crash")
    private final synchronized byte[] b(String str, byte[] bArr) throws GeneralSecurityException {
        if (bArr != null) {
            if (bArr.length != 0) {
                Cipher cipher = Cipher.getInstance(m);
                Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(RSA_DEFAULT_TRANSFORMATION)");
                PrivateKey privateKey = k(str).getPrivateKey();
                Intrinsics.checkNotNullExpressionValue(privateKey, "getRasKey(alias).getPrivateKey()");
                cipher.init(2, privateKey);
                return cipher.doFinal(bArr);
            }
        }
        return null;
    }

    @Deprecated(message = "部分小米安卓13机型启动Crash")
    private final synchronized String f(String str, byte[] bArr) throws GeneralSecurityException {
        if (bArr != null) {
            if (bArr.length != 0) {
                Cipher cipher = Cipher.getInstance(m);
                Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(RSA_DEFAULT_TRANSFORMATION)");
                PublicKey publicKey = k(str).getCertificate().getPublicKey();
                Intrinsics.checkNotNullExpressionValue(publicKey, "getRasKey(alias).getCertificate().getPublicKey()");
                cipher.init(1, publicKey);
                return CryptoUtils.f6489a.m(cipher.doFinal(bArr));
            }
        }
        return null;
    }

    @JvmStatic
    @NotNull
    public static final KeyStoreUtils i() {
        return f.a();
    }

    private final SecretKey j(String str) {
        ConcurrentHashMap<String, SecretKey> concurrentHashMap = u;
        SecretKey secretKey = concurrentHashMap.get(str);
        if (secretKey != null) {
            return secretKey;
        }
        l();
        try {
            KeyStore keyStore = this.b;
            Intrinsics.checkNotNull(keyStore);
            if (keyStore.containsAlias(str)) {
                KeyStore keyStore2 = this.b;
                Intrinsics.checkNotNull(keyStore2);
                Key key = keyStore2.getKey(str, null);
                Intrinsics.checkNotNullExpressionValue(key, "keyStore!!.getKey(alias, null)");
                if (key instanceof SecretKey) {
                    secretKey = (SecretKey) key;
                } else {
                    KeyStore keyStore3 = this.b;
                    Intrinsics.checkNotNull(keyStore3);
                    keyStore3.deleteEntry(str);
                }
            }
            if (secretKey == null) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance(AESUtil.b, j);
                Intrinsics.checkNotNullExpressionValue(keyGenerator, "getInstance(\n           …ROVIDER\n                )");
                KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 3);
                builder.setBlockModes("CBC").setKeySize(256).setEncryptionPaddings("PKCS7Padding");
                keyGenerator.init(builder.build());
                secretKey = keyGenerator.generateKey();
            }
            Intrinsics.checkNotNull(secretKey);
            concurrentHashMap.put(str, secretKey);
            return secretKey;
        } catch (InvalidAlgorithmParameterException e) {
            throw new RuntimeException("Failed to retrieve AES key in Keystore", e);
        } catch (KeyStoreException e2) {
            throw new RuntimeException("Failed to retrieve AES key in Keystore", e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new RuntimeException("Failed to retrieve AES key in Keystore", e3);
        } catch (NoSuchProviderException e4) {
            throw new RuntimeException("Failed to retrieve AES key in Keystore", e4);
        } catch (UnrecoverableKeyException e5) {
            throw new RuntimeException("Failed to retrieve AES key in Keystore", e5);
        }
    }

    @Deprecated(message = "部分小米安卓13机型启动Crash")
    private final synchronized KeyStore.PrivateKeyEntry k(String str) {
        if (TextUtils.isEmpty(str)) {
            str = g;
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = v.get(str);
        if (privateKeyEntry != null) {
            return privateKeyEntry;
        }
        l();
        try {
            KeyStore keyStore = this.b;
            Intrinsics.checkNotNull(keyStore);
            if (keyStore.containsAlias(str)) {
                KeyStore keyStore2 = this.b;
                Intrinsics.checkNotNull(keyStore2);
                Key key = keyStore2.getKey(str, null);
                Intrinsics.checkNotNullExpressionValue(key, "keyStore!!.getKey(alias, null)");
                KeyStore keyStore3 = this.b;
                Intrinsics.checkNotNull(keyStore3);
                Certificate certificate = keyStore3.getCertificate(str);
                if (!(key instanceof PrivateKey) || certificate == null) {
                    KeyStore keyStore4 = this.b;
                    Intrinsics.checkNotNull(keyStore4);
                    keyStore4.deleteEntry(str);
                } else {
                    privateKeyEntry = new KeyStore.PrivateKeyEntry((PrivateKey) key, new Certificate[]{certificate});
                }
            }
            if (privateKeyEntry == null) {
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.add(1, 30);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(AppContext.getApp()).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.valueOf(Math.abs(str.hashCode()))).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).setKeySize(2048).build();
                Intrinsics.checkNotNullExpressionValue(build, "Builder(AppContext.getAp…                 .build()");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", j);
                Intrinsics.checkNotNullExpressionValue(keyPairGenerator, "getInstance(\n           …ROVIDER\n                )");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            }
            KeyStore keyStore5 = this.b;
            Intrinsics.checkNotNull(keyStore5);
            Key key2 = keyStore5.getKey(str, null);
            Intrinsics.checkNotNullExpressionValue(key2, "keyStore!!.getKey(alias, null)");
            KeyStore keyStore6 = this.b;
            Intrinsics.checkNotNull(keyStore6);
            Certificate certificate2 = keyStore6.getCertificate(str);
            if (!(key2 instanceof PrivateKey) || certificate2 == null) {
                throw new RuntimeException("Failed to retrieve AES key in Keystore");
            }
            return new KeyStore.PrivateKeyEntry((PrivateKey) key2, new Certificate[]{certificate2});
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("Failed to retrieve AES key in Keystore", e);
        }
    }

    private final synchronized void l() {
        try {
            try {
                try {
                    if (this.b == null) {
                        KeyStore keyStore = KeyStore.getInstance(j);
                        this.b = keyStore;
                        Intrinsics.checkNotNull(keyStore);
                        keyStore.load(null);
                    }
                } catch (IOException e) {
                    throw new RuntimeException("Failed to load Keystore", e);
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new RuntimeException("Failed to load Keystore", e2);
            }
        } catch (KeyStoreException e3) {
            throw new RuntimeException("Failed to load Keystore", e3);
        } catch (CertificateException e4) {
            throw new RuntimeException("Failed to load Keystore", e4);
        }
    }

    private final synchronized void o() {
        if (TextUtils.isEmpty(this.d) || TextUtils.isEmpty(this.e)) {
            if (this.f6515c == null) {
                this.f6515c = new SpUtils(AppContext.getApp(), n);
            }
            SpUtils spUtils = this.f6515c;
            Intrinsics.checkNotNull(spUtils);
            String k2 = spUtils.k(r);
            SpUtils spUtils2 = this.f6515c;
            Intrinsics.checkNotNull(spUtils2);
            String k3 = spUtils2.k(q);
            SpUtils spUtils3 = this.f6515c;
            Intrinsics.checkNotNull(spUtils3);
            int g2 = spUtils3.g(s);
            if (!TextUtils.isEmpty(k2) && !TextUtils.isEmpty(k3)) {
                try {
                    this.d = d(g, k2);
                    this.e = d(g, k3);
                    return;
                } catch (GeneralSecurityException e) {
                    e.printStackTrace();
                    g2++;
                    if (g2 < 3) {
                        SpUtils spUtils4 = this.f6515c;
                        Intrinsics.checkNotNull(spUtils4);
                        spUtils4.p(s, g2);
                        throw new RuntimeException("Failed to load fast AES key2", e);
                    }
                    SpUtils spUtils5 = this.f6515c;
                    Intrinsics.checkNotNull(spUtils5);
                    spUtils5.a();
                }
            }
            SpUtils spUtils6 = this.f6515c;
            Intrinsics.checkNotNull(spUtils6);
            String k4 = spUtils6.k(p);
            SpUtils spUtils7 = this.f6515c;
            Intrinsics.checkNotNull(spUtils7);
            String k5 = spUtils7.k(o);
            if (!TextUtils.isEmpty(k4) && !TextUtils.isEmpty(k5)) {
                try {
                    StringUtils stringUtils = StringUtils.f6535a;
                    CryptoUtils cryptoUtils = CryptoUtils.f6489a;
                    this.d = stringUtils.h(b(h, cryptoUtils.c(k4)));
                    this.e = stringUtils.h(b(h, cryptoUtils.c(k5)));
                    String h2 = h(g, this.d);
                    String h3 = h(g, this.e);
                    SpUtils spUtils8 = this.f6515c;
                    Intrinsics.checkNotNull(spUtils8);
                    spUtils8.r(r, h2);
                    SpUtils spUtils9 = this.f6515c;
                    Intrinsics.checkNotNull(spUtils9);
                    spUtils9.r(q, h3);
                    return;
                } catch (GeneralSecurityException e2) {
                    e2.printStackTrace();
                    int i2 = g2 + 1;
                    if (i2 < 3) {
                        SpUtils spUtils10 = this.f6515c;
                        Intrinsics.checkNotNull(spUtils10);
                        spUtils10.p(s, i2);
                        throw new RuntimeException("Failed to load fast AES key", e2);
                    }
                    SpUtils spUtils11 = this.f6515c;
                    Intrinsics.checkNotNull(spUtils11);
                    spUtils11.a();
                }
            }
            this.d = CryptoUtils.C(32);
            this.e = CryptoUtils.C(16);
            try {
                String h4 = h(g, this.d);
                String h5 = h(g, this.e);
                SpUtils spUtils12 = this.f6515c;
                Intrinsics.checkNotNull(spUtils12);
                spUtils12.r(r, h4);
                SpUtils spUtils13 = this.f6515c;
                Intrinsics.checkNotNull(spUtils13);
                spUtils13.r(q, h5);
            } catch (GeneralSecurityException e3) {
                e3.printStackTrace();
                throw new RuntimeException("Failed to encrypt fast AES key2", e3);
            }
        }
    }

    private final void p(byte[] bArr, String str) throws GeneralSecurityException {
        if (bArr != null) {
            if (!(bArr.length == 0)) {
                return;
            }
        }
        throw new GeneralSecurityException(str);
    }

    @Nullable
    public final String a(@Nullable String str) throws GeneralSecurityException {
        if (str == null || str.length() == 0) {
            return "";
        }
        if (this.f6514a && Intrinsics.areEqual(AppContext.getBrand(), "alps")) {
            return EncryptedKeyUtils.e(EncryptedKeyUtils.Companion.b(EncryptedKeyUtils.f, null, 1, null), str, null, 2, null);
        }
        if (TextUtils.isEmpty(this.d) || TextUtils.isEmpty(this.e)) {
            o();
        }
        StringUtils stringUtils = StringUtils.f6535a;
        CryptoUtils cryptoUtils = CryptoUtils.f6489a;
        String str2 = this.d;
        Intrinsics.checkNotNull(str2);
        SecretKeySpec t2 = cryptoUtils.t(str2);
        String str3 = this.e;
        Intrinsics.checkNotNull(str3);
        byte[] bytes = str3.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        return stringUtils.h(cryptoUtils.f(t2, bytes, cryptoUtils.c(str)));
    }

    @NotNull
    public final String c(@Nullable String str) throws GeneralSecurityException {
        return d(g, str);
    }

    @NotNull
    public final String d(@NotNull String alias, @Nullable String str) throws GeneralSecurityException {
        List split$default;
        Intrinsics.checkNotNullParameter(alias, "alias");
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        Intrinsics.checkNotNull(str);
        split$default = StringsKt__StringsKt.split$default((CharSequence) str, new String[]{k}, false, 0, 6, (Object) null);
        String[] strArr = (String[]) split$default.toArray(new String[0]);
        if (strArr.length < 2) {
            throw new GeneralSecurityException("Input data seems to be corrupt.");
        }
        CryptoUtils cryptoUtils = CryptoUtils.f6489a;
        byte[] c2 = cryptoUtils.c(strArr[0]);
        p(c2, "Invalid IV");
        SecretKey j2 = j(alias);
        Cipher cipher = Cipher.getInstance(l);
        Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(AES_DEFAULT_TRANSFORMATION)");
        cipher.init(2, j2, new IvParameterSpec(c2));
        StringBuilder sb = new StringBuilder();
        if (strArr.length == 2) {
            byte[] c3 = cryptoUtils.c(strArr[1]);
            p(c3, "Invalid cipher bytes");
            byte[] doFinal = cipher.doFinal(c3);
            Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(cipherBytes)");
            p(doFinal, "AES decryption failed");
            sb.append(StringUtils.f6535a.h(doFinal));
        } else {
            int length = strArr.length - 1;
            for (int i2 = 1; i2 < length; i2++) {
                byte[] c4 = CryptoUtils.f6489a.c(strArr[i2]);
                p(c4, "Invalid cipher bytes");
                byte[] update = cipher.update(c4);
                Intrinsics.checkNotNullExpressionValue(update, "cipher.update(cipherBytes)");
                p(update, "AES decryption failed");
                sb.append(StringUtils.f6535a.h(update));
            }
            byte[] c5 = CryptoUtils.f6489a.c(strArr[strArr.length - 1]);
            p(c5, "Invalid cipher bytes");
            byte[] doFinal2 = cipher.doFinal(c5);
            Intrinsics.checkNotNullExpressionValue(doFinal2, "cipher.doFinal(cipherBytes)");
            p(doFinal2, "AES decryption failed");
            sb.append(StringUtils.f6535a.h(doFinal2));
        }
        String sb2 = sb.toString();
        Intrinsics.checkNotNullExpressionValue(sb2, "stringBuilder.toString()");
        return sb2;
    }

    @Nullable
    public final String e(@NotNull String plainText) throws GeneralSecurityException {
        Intrinsics.checkNotNullParameter(plainText, "plainText");
        if (this.f6514a && Intrinsics.areEqual(AppContext.getBrand(), "alps")) {
            return EncryptedKeyUtils.g(EncryptedKeyUtils.Companion.b(EncryptedKeyUtils.f, null, 1, null), plainText, null, 2, null);
        }
        if (TextUtils.isEmpty(this.d) || TextUtils.isEmpty(this.e)) {
            o();
        }
        CryptoUtils cryptoUtils = CryptoUtils.f6489a;
        String str = this.d;
        Intrinsics.checkNotNull(str);
        SecretKeySpec t2 = cryptoUtils.t(str);
        String str2 = this.e;
        Intrinsics.checkNotNull(str2);
        Charset charset = Charsets.UTF_8;
        byte[] bytes = str2.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] bytes2 = plainText.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes2, "this as java.lang.String).getBytes(charset)");
        return cryptoUtils.m(cryptoUtils.p(t2, bytes, bytes2));
    }

    @NotNull
    public final String g(@NotNull String plainText) throws GeneralSecurityException {
        Intrinsics.checkNotNullParameter(plainText, "plainText");
        return h(g, plainText);
    }

    @NotNull
    public final String h(@NotNull String alias, @Nullable String str) throws GeneralSecurityException {
        Intrinsics.checkNotNullParameter(alias, "alias");
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        SecretKey j2 = j(alias);
        Cipher cipher = Cipher.getInstance(l);
        Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(AES_DEFAULT_TRANSFORMATION)");
        cipher.init(1, j2);
        int i2 = 0;
        StringBuilder sb = new StringBuilder(CryptoUtils.f6489a.m(cipher.getIV()));
        StringBuilder sb2 = new StringBuilder(str);
        while (true) {
            if (i2 >= sb2.length()) {
                break;
            }
            int i3 = i2 + 4096;
            if (i3 >= sb2.length()) {
                String substring = sb2.substring(i2, sb2.length());
                Intrinsics.checkNotNullExpressionValue(substring, "plainTextBuilder.substring(index, end)");
                Charset UTF_8 = StandardCharsets.UTF_8;
                Intrinsics.checkNotNullExpressionValue(UTF_8, "UTF_8");
                byte[] bytes = substring.getBytes(UTF_8);
                Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
                byte[] doFinal = cipher.doFinal(bytes);
                Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(str.toByt…(StandardCharsets.UTF_8))");
                String m2 = CryptoUtils.f6489a.m(doFinal);
                sb.append(k);
                sb.append(m2);
                break;
            }
            String substring2 = sb2.substring(i2, i3);
            Intrinsics.checkNotNullExpressionValue(substring2, "plainTextBuilder.substring(index, end)");
            Charset UTF_82 = StandardCharsets.UTF_8;
            Intrinsics.checkNotNullExpressionValue(UTF_82, "UTF_8");
            byte[] bytes2 = substring2.getBytes(UTF_82);
            Intrinsics.checkNotNullExpressionValue(bytes2, "this as java.lang.String).getBytes(charset)");
            byte[] update = cipher.update(bytes2);
            Intrinsics.checkNotNullExpressionValue(update, "cipher.update(str.toByte…(StandardCharsets.UTF_8))");
            String m3 = CryptoUtils.f6489a.m(update);
            sb.append(k);
            sb.append(m3);
            i2 = i3;
        }
        String sb3 = sb.toString();
        Intrinsics.checkNotNullExpressionValue(sb3, "retBuilder.toString()");
        return sb3;
    }

    public final boolean m() {
        return n(g);
    }

    public final boolean n(@Nullable String str) {
        l();
        try {
            KeyStore keyStore = this.b;
            Intrinsics.checkNotNull(keyStore);
            return keyStore.containsAlias(str);
        } catch (KeyStoreException e) {
            e.printStackTrace();
            return false;
        }
    }
}
