package me.vkarmane.d.a.a;

import android.annotation.SuppressLint;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FilterInputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.TypeCastException;
import kotlin.t;
import me.vkarmane.c.o.a;
import me.vkarmane.i.D;

/* compiled from: KitKatDataCryptor.kt */
/* loaded from: classes.dex */
public final class j implements c {

    /* renamed from: a, reason: collision with root package name */
    public static final a f14313a = new a(null);

    /* renamed from: b, reason: collision with root package name */
    private final String f14314b;

    /* renamed from: c, reason: collision with root package name */
    private final KeyStore f14315c;

    /* renamed from: d, reason: collision with root package name */
    private final Context f14316d;

    /* renamed from: e, reason: collision with root package name */
    private final me.vkarmane.c.o.a f14317e;

    /* renamed from: f, reason: collision with root package name */
    private final String f14318f;

    /* compiled from: KitKatDataCryptor.kt */
    /* loaded from: classes.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(kotlin.e.b.g gVar) {
            this();
        }
    }

    public j(Context context, me.vkarmane.c.o.a aVar, String str) {
        kotlin.e.b.k.b(context, "context");
        kotlin.e.b.k.b(aVar, "preferences");
        kotlin.e.b.k.b(str, "alias");
        this.f14316d = context;
        this.f14317e = aVar;
        this.f14318f = str;
        this.f14314b = "key_cryptor" + this.f14318f;
        this.f14315c = KeyStore.getInstance("AndroidKeyStore");
    }

    private final byte[] a(byte[] bArr) throws Exception {
        Throwable th = null;
        KeyStore.Entry entry = this.f14315c.getEntry(this.f14318f, null);
        if (entry == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        FilterInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        BufferedInputStream bufferedInputStream = cipherInputStream instanceof BufferedInputStream ? (BufferedInputStream) cipherInputStream : new BufferedInputStream(cipherInputStream, 8192);
        try {
            return kotlin.io.a.a(bufferedInputStream);
        } finally {
            kotlin.io.b.a(bufferedInputStream, th);
        }
    }

    private final String b() {
        String a2 = a.C0167a.a(this.f14317e, this.f14314b, null, 2, null);
        if (a2 == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            a2 = Base64.encodeToString(b(bArr), 0);
            this.f14317e.putString(this.f14314b, a2);
        }
        if (a2 != null) {
            return a2;
        }
        kotlin.e.b.k.b();
        throw null;
    }

    private final byte[] b(byte[] bArr) throws Exception {
        KeyStore.Entry entry = this.f14315c.getEntry(this.f14318f, null);
        if (entry == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
        kotlin.e.b.k.a((Object) certificate, "privateKeyEntry.certificate");
        cipher.init(1, certificate.getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        try {
            cipherOutputStream.write(bArr);
            t tVar = t.f12330a;
            kotlin.io.b.a(cipherOutputStream, null);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            kotlin.e.b.k.a((Object) byteArray, "outputStream.toByteArray()");
            return byteArray;
        } catch (Throwable th) {
            kotlin.io.b.a(cipherOutputStream, null);
            throw th;
        }
    }

    private final Key c() throws Exception {
        String a2 = a.C0167a.a(this.f14317e, this.f14314b, null, 2, null);
        if (a2 == null) {
            a2 = b();
        }
        byte[] decode = Base64.decode(a2, 0);
        kotlin.e.b.k.a((Object) decode, "encryptedKey");
        return new SecretKeySpec(a(decode), "AES");
    }

    @SuppressLint({"NewApi"})
    private final void d() {
        if (this.f14315c.containsAlias(this.f14318f)) {
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(this.f14316d).setAlias(this.f14318f).setSubject(new X500Principal("CN=" + this.f14318f)).setSerialNumber(BigInteger.TEN);
        kotlin.e.b.k.a((Object) calendar, "start");
        KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
        kotlin.e.b.k.a((Object) calendar2, "end");
        KeyPairGeneratorSpec build = startDate.setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    @Override // me.vkarmane.d.a.a.c
    public String a(String str) {
        kotlin.e.b.k.b(str, "userPassword");
        return b(D.f15889a.a());
    }

    @Override // me.vkarmane.d.a.a.c
    public String a(String str, String str2) {
        kotlin.e.b.k.b(str, "encryptedData");
        kotlin.e.b.k.b(str2, "password");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding");
        cipher.init(2, c());
        byte[] doFinal = cipher.doFinal(Base64.decode(str, 0));
        kotlin.e.b.k.a((Object) doFinal, "c.doFinal(Base64.decode(…tedData, Base64.DEFAULT))");
        return new String(doFinal, kotlin.i.c.f12259a);
    }

    public void a() {
        this.f14315c.load(null);
        d();
        b();
    }

    @Override // me.vkarmane.d.a.a.c
    public String b(String str) {
        kotlin.e.b.k.b(str, "data");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding");
        cipher.init(1, c());
        byte[] bytes = str.getBytes(kotlin.i.c.f12259a);
        kotlin.e.b.k.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        kotlin.e.b.k.a((Object) encodeToString, "Base64.encodeToString(en…dedBytes, Base64.DEFAULT)");
        return encodeToString;
    }

    @Override // me.vkarmane.d.a.a.c
    public void clear() {
        this.f14317e.remove(this.f14314b);
    }
}
