package com.huawei.secure.android.common.encrypt.keystore.aes;

import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import com.huawei.secure.android.common.encrypt.utils.HexUtil;
import com.huawei.secure.android.common.encrypt.utils.b;
import com.tencent.soter.core.keystore.KeyPropertiesCompact;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/* loaded from: classes4.dex */
public class AesGcmKS {

    /* renamed from: a, reason: collision with root package name */
    private static final String f30334a = "GCMKS";

    /* renamed from: b, reason: collision with root package name */
    private static final String f30335b = "AndroidKeyStore";

    /* renamed from: c, reason: collision with root package name */
    private static final String f30336c = "AES/GCM/NoPadding";

    /* renamed from: d, reason: collision with root package name */
    private static final int f30337d = 12;

    /* renamed from: e, reason: collision with root package name */
    private static final int f30338e = 256;

    /* renamed from: f, reason: collision with root package name */
    private static Map<String, SecretKey> f30339f = new ConcurrentHashMap();

    private static SecretKey a(String str, Boolean bool) throws AesKsParamException {
        b.c(f30334a, "load key");
        try {
            KeyStore keyStore = KeyStore.getInstance(f30335b);
            keyStore.load(null);
            Key key = keyStore.getKey(str, null);
            if (key instanceof SecretKey) {
                return (SecretKey) key;
            }
            if (!bool.booleanValue()) {
                return null;
            }
            b.c(f30334a, "generate key");
            KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyPropertiesCompact.KEY_ALGORITHM_AES, f30335b);
            keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(KeyPropertiesCompact.BLOCK_MODE_GCM).setEncryptionPaddings(KeyPropertiesCompact.ENCRYPTION_PADDING_NONE).setKeySize(256).build());
            return keyGenerator.generateKey();
        } catch (IOException e10) {
            b.b(f30334a, "IOException : " + e10.getMessage());
            throw new AesKsParamException("IOException : " + e10.getMessage());
        } catch (InvalidAlgorithmParameterException e11) {
            b.b(f30334a, "InvalidAlgorithmParameterException : " + e11.getMessage());
            throw new AesKsParamException("InvalidAlgorithmParameterException : " + e11.getMessage());
        } catch (KeyStoreException e12) {
            b.b(f30334a, "KeyStoreException : " + e12.getMessage());
            throw new AesKsParamException("KeyStoreException : " + e12.getMessage());
        } catch (NoSuchAlgorithmException e13) {
            b.b(f30334a, "NoSuchAlgorithmException : " + e13.getMessage());
            throw new AesKsParamException("NoSuchAlgorithmException : " + e13.getMessage());
        } catch (NoSuchProviderException e14) {
            b.b(f30334a, "NoSuchProviderException : " + e14.getMessage());
            throw new AesKsParamException("NoSuchProviderException : " + e14.getMessage());
        } catch (UnrecoverableKeyException e15) {
            b.b(f30334a, "UnrecoverableKeyException : " + e15.getMessage());
            throw new AesKsParamException("UnrecoverableKeyException : " + e15.getMessage());
        } catch (CertificateException e16) {
            b.b(f30334a, "CertificateException : " + e16.getMessage());
            throw new AesKsParamException("CertificateException : " + e16.getMessage());
        } catch (Exception e17) {
            b.b(f30334a, "Exception: " + e17.getMessage());
            throw new AesKsParamException("Exception : " + e17.getMessage());
        }
    }

    private static void a() throws AesKsParamException {
    }

    private static SecretKey b(String str, Boolean bool) throws AesKsParamException {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        if (f30339f.get(str) == null) {
            synchronized (AesGcmKS.class) {
                if (f30339f.get(str) == null) {
                    SecretKey a10 = a(str, bool);
                    if (a10 == null) {
                        b.b(f30334a, "AES GCM is decrypt,but alias is null");
                        throw new AesKsParamException("AES GCM is decrypt,but alias is null");
                    }
                    f30339f.put(str, a10);
                }
            }
        }
        return f30339f.get(str);
    }

    public static String decrypt(String str, String str2) throws AesKsParamException {
        if (TextUtils.isEmpty(str)) {
            b.b(f30334a, "decrypt alias is empty.");
            throw new AesKsParamException("decrypt alias is empty.");
        }
        if (TextUtils.isEmpty(str2)) {
            b.b(f30334a, "decrypt content is empty.");
            throw new AesKsParamException("decrypt content is empty.");
        }
        try {
            return new String(decrypt(str, HexUtil.hexStr2ByteArray(str2)), "UTF-8");
        } catch (UnsupportedEncodingException unused) {
            b.b(f30334a, "decrypt content getBytes with utf-8 error.");
            throw new AesKsParamException("decrypt content getBytes with utf-8 error.");
        }
    }

    public static byte[] decrypt(String str, byte[] bArr) throws AesKsParamException {
        if (TextUtils.isEmpty(str)) {
            b.b(f30334a, "decrypt alias is empty.");
            throw new AesKsParamException("decrypt alias is empty.");
        }
        if (bArr == null || bArr.length == 0) {
            b.b(f30334a, "decrypt content byte is empty.");
            throw new AesKsParamException("decrypt content byte is empty.");
        }
        a();
        if (bArr.length > 12) {
            return decrypt(b(str, Boolean.FALSE), bArr);
        }
        b.b(f30334a, "decrypt content length is less than iv len.");
        throw new AesKsParamException("decrypt content length is less than iv len.");
    }

    public static byte[] decrypt(SecretKey secretKey, byte[] bArr) throws AesKsParamException {
        if (secretKey == null) {
            b.b(f30334a, "decrypt secretKey is empty.");
            throw new AesKsParamException("decrypt secretKey is empty.");
        }
        if (bArr == null || bArr.length == 0) {
            b.b(f30334a, "decrypt content is empty.");
            throw new AesKsParamException("decrypt content is empty.");
        }
        a();
        if (bArr.length <= 12) {
            b.b(f30334a, "decrypt content length is less than iv len.");
            throw new AesKsParamException("decrypt content length is less than iv len.");
        }
        byte[] copyOf = Arrays.copyOf(bArr, 12);
        try {
            Cipher cipher = Cipher.getInstance(f30336c);
            cipher.init(2, secretKey, new GCMParameterSpec(128, copyOf));
            return cipher.doFinal(bArr, 12, bArr.length - 12);
        } catch (InvalidAlgorithmParameterException e10) {
            b.b(f30334a, "InvalidAlgorithmParameterException : " + e10.getMessage());
            throw new AesKsParamException("InvalidAlgorithmParameterException : " + e10.getMessage());
        } catch (InvalidKeyException e11) {
            b.b(f30334a, "InvalidKeyException : " + e11.getMessage());
            throw new AesKsParamException("InvalidKeyException : " + e11.getMessage());
        } catch (NoSuchAlgorithmException e12) {
            b.b(f30334a, "NoSuchAlgorithmException : " + e12.getMessage());
            throw new AesKsParamException("NoSuchAlgorithmException : " + e12.getMessage());
        } catch (BadPaddingException e13) {
            b.b(f30334a, "BadPaddingException : " + e13.getMessage());
            throw new AesKsParamException("BadPaddingException : " + e13.getMessage());
        } catch (IllegalBlockSizeException e14) {
            b.b(f30334a, "IllegalBlockSizeException : " + e14.getMessage());
            throw new AesKsParamException("IllegalBlockSizeException : " + e14.getMessage());
        } catch (NoSuchPaddingException e15) {
            b.b(f30334a, "NoSuchPaddingException : " + e15.getMessage());
            throw new AesKsParamException("NoSuchPaddingException : " + e15.getMessage());
        } catch (Exception e16) {
            b.b(f30334a, "Exception: " + e16.getMessage());
            throw new AesKsParamException("Exception: " + e16.getMessage());
        }
    }

    public static String encrypt(String str, String str2) throws AesKsParamException {
        if (TextUtils.isEmpty(str)) {
            b.b(f30334a, "encrypt alias is empty.");
            throw new AesKsParamException("encrypt alias is empty.");
        }
        if (TextUtils.isEmpty(str2)) {
            b.b(f30334a, "encrypt content is empty.");
            throw new AesKsParamException("encrypt content is empty.");
        }
        try {
            return HexUtil.byteArray2HexStr(encrypt(str, str2.getBytes("UTF-8")));
        } catch (UnsupportedEncodingException unused) {
            b.b(f30334a, "encrypt content getBytes with utf-8 error.");
            throw new AesKsParamException("encrypt content getBytes with utf-8 error.");
        }
    }

    public static byte[] encrypt(String str, byte[] bArr) throws AesKsParamException {
        if (TextUtils.isEmpty(str)) {
            b.b(f30334a, "encrypt alias is empty.");
            throw new AesKsParamException("encrypt alias is empty.");
        }
        if (bArr == null || bArr.length == 0) {
            b.b(f30334a, "encrypt content is empty.");
            throw new AesKsParamException("encrypt content is empty.");
        }
        a();
        return encrypt(b(str, Boolean.TRUE), bArr);
    }

    public static byte[] encrypt(SecretKey secretKey, byte[] bArr) throws AesKsParamException {
        if (bArr == null || bArr.length == 0) {
            b.b(f30334a, "encrypt content is empty.");
            throw new AesKsParamException("encrypt content is empty.");
        }
        if (secretKey == null) {
            b.b(f30334a, "encrypt secretKey is empty.");
            throw new AesKsParamException("encrypt secretKey is empty.");
        }
        a();
        try {
            Cipher cipher = Cipher.getInstance(f30336c);
            cipher.init(1, secretKey);
            byte[] doFinal = cipher.doFinal(bArr);
            byte[] iv = cipher.getIV();
            if (iv == null || iv.length != 12) {
                b.b(f30334a, "encrypt content iv is invalid.");
                throw new AesKsParamException("encrypt content iv is invalid.");
            }
            byte[] copyOf = Arrays.copyOf(iv, iv.length + doFinal.length);
            System.arraycopy(doFinal, 0, copyOf, iv.length, doFinal.length);
            return copyOf;
        } catch (InvalidKeyException e10) {
            b.b(f30334a, "InvalidKeyException : " + e10.getMessage());
            throw new AesKsParamException("InvalidKeyException : " + e10.getMessage());
        } catch (NoSuchAlgorithmException e11) {
            b.b(f30334a, "NoSuchAlgorithmException : " + e11.getMessage());
            throw new AesKsParamException("NoSuchAlgorithmException : " + e11.getMessage());
        } catch (BadPaddingException e12) {
            b.b(f30334a, "BadPaddingException : " + e12.getMessage());
            throw new AesKsParamException("BadPaddingException : " + e12.getMessage());
        } catch (IllegalBlockSizeException e13) {
            b.b(f30334a, "IllegalBlockSizeException : " + e13.getMessage());
            throw new AesKsParamException("IllegalBlockSizeException : " + e13.getMessage());
        } catch (NoSuchPaddingException e14) {
            b.b(f30334a, "NoSuchPaddingException : " + e14.getMessage());
            throw new AesKsParamException("NoSuchPaddingException : " + e14.getMessage());
        } catch (Exception e15) {
            b.b(f30334a, "Exception: " + e15.getMessage());
            throw new AesKsParamException("Exception : " + e15.getMessage());
        }
    }
}
