package cc.axyz.xiaozhi.security;

import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import com.google.firebase.crashlytics.buildtools.reloc.org.apache.commons.codec.digest.MessageDigestAlgorithms;
import java.nio.charset.Charset;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.Metadata;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Lambda;
import kotlin.text.Charsets;

/* loaded from: classes2.dex */
public final class RSAOAEPHelper implements l {

    /* renamed from: a, reason: collision with root package name */
    public final Lazy f1037a = LazyKt.lazy(a.INSTANCE);

    @Metadata(d1 = {"\u0000 \n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\b\n\u0002\b\u0005\b\u0086\u0003\u0018\u00002\u00020\u0001J\r\u0010\u0003\u001a\u00020\u0002¢\u0006\u0004\b\u0003\u0010\u0004R\u0014\u0010\u0006\u001a\u00020\u00058\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u0006\u0010\u0007R\u0014\u0010\t\u001a\u00020\b8\u0002X\u0082T¢\u0006\u0006\n\u0004\b\t\u0010\nR\u0014\u0010\u000b\u001a\u00020\u00058\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u000b\u0010\u0007R\u0014\u0010\f\u001a\u00020\u00058\u0002X\u0082T¢\u0006\u0006\n\u0004\b\f\u0010\u0007¨\u0006\r"}, d2 = {"Lcc/axyz/xiaozhi/security/RSAOAEPHelper$Companion;", "", "", "test", "()V", "", "KEY_ALIAS", "Ljava/lang/String;", "", "KEY_SIZE", "I", "TAG", "TRANSFORMATION", "app_release"}, k = 1, mv = {1, 9, 0}, xi = 48)
    /* loaded from: classes2.dex */
    public static final class Companion {
        public final void test() {
            byte[] e2;
            RSAOAEPHelper rSAOAEPHelper = new RSAOAEPHelper();
            String o2 = androidx.compose.foundation.b.o("Sensitive data @ ", System.currentTimeMillis());
            Charset charset = Charsets.UTF_8;
            byte[] bytes = o2.getBytes(charset);
            Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
            byte[] b2 = rSAOAEPHelper.b(bytes);
            if (b2 != null) {
                Base64.encodeToString(b2, 2);
            }
            if (b2 == null || (e2 = rSAOAEPHelper.e(b2)) == null) {
                return;
            }
            new String(e2, charset);
        }
    }

    /* loaded from: classes2.dex */
    public static final class a extends Lambda implements Function0 {
        public static final a INSTANCE = new a();

        public a() {
            super(0);
        }

        @Override // kotlin.jvm.functions.Function0
        public final KeyStore invoke() {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        }
    }

    public RSAOAEPHelper() {
        if (a().containsAlias("rsa_oaep_key")) {
            return;
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("rsa_oaep_key", 3).setDigests(MessageDigestAlgorithms.SHA_1, MessageDigestAlgorithms.SHA_256).setEncryptionPaddings("OAEPPadding").setKeySize(2048).build();
            Intrinsics.checkNotNullExpressionValue(build, "build(...)");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            Log.e("RSA-OAEP", "Key generation failed", e2);
        }
    }

    public final KeyStore a() {
        Object value = this.f1037a.getValue();
        Intrinsics.checkNotNullExpressionValue(value, "getValue(...)");
        return (KeyStore) value;
    }

    @Override // cc.axyz.xiaozhi.security.l
    public final byte[] b(byte[] data) {
        Intrinsics.checkNotNullParameter(data, "data");
        try {
            PublicKey publicKey = a().getCertificate("rsa_oaep_key").getPublicKey();
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(1, publicKey, new OAEPParameterSpec(MessageDigestAlgorithms.SHA_256, "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            return cipher.doFinal(data);
        } catch (Exception e2) {
            Log.e("RSA-OAEP", "Encryption failed", e2);
            return null;
        }
    }

    @Override // cc.axyz.xiaozhi.security.l
    public final PublicKey d() {
        try {
            return a().getCertificate("rsa_oaep_key").getPublicKey();
        } catch (Exception e2) {
            Log.e("RSA-OAEP", "Public key retrieval failed", e2);
            return null;
        }
    }

    @Override // cc.axyz.xiaozhi.security.l
    public final byte[] e(byte[] data) {
        Intrinsics.checkNotNullParameter(data, "data");
        try {
            KeyStore.Entry entry = a().getEntry("rsa_oaep_key", null);
            Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(2, privateKey, new OAEPParameterSpec(MessageDigestAlgorithms.SHA_256, "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            return cipher.doFinal(data);
        } catch (Exception e2) {
            Log.e("RSA-OAEP", "Decryption failed", e2);
            return null;
        }
    }
}
