package org.trimps.islab.islabv13.inner;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Calendar;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes5.dex */
public class KStoreRSA {
    private static final String AES_MODE = "AES/GCM/NoPadding";
    private static final String KEYSTORE_ALIAS = "KEYSTORE_DEMO";
    private static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    private static final String KEY_ALGORITHM_RSA = "RSA";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private KeyStore mKeyStore;
    private SharedPreferences mSharedPrefs;
    private final AtomicBoolean onceDo;

    /* loaded from: classes5.dex */
    private static final class InstanceHolder {
        private static final KStoreRSA instance = new KStoreRSA();

        private InstanceHolder() {
        }
    }

    private KStoreRSA() {
        this.onceDo = new AtomicBoolean(false);
    }

    private void createOnceAESKeyAndStore() throws Exception {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[16];
        secureRandom.nextBytes(bArr);
        byte[] generateSeed = secureRandom.generateSeed(12);
        this.mSharedPrefs.edit().putString("_aes_key", Base64.encodeToString(encRSA(bArr), 2)).commit();
        this.mSharedPrefs.edit().putString("_aes_iv", Base64.encodeToString(generateSeed, 2)).commit();
    }

    private byte[] decRSA(byte[] bArr) throws Exception {
        PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) this.mKeyStore.getEntry(KEYSTORE_ALIAS, null)).getPrivateKey();
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, privateKey);
        return cipher.doFinal(bArr);
    }

    private byte[] encRSA(byte[] bArr) throws Exception {
        PublicKey publicKey = this.mKeyStore.getCertificate(KEYSTORE_ALIAS).getPublicKey();
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, publicKey);
        return cipher.doFinal(bArr);
    }

    private SecretKey getAESKey() throws Exception {
        byte[] decRSA = decRSA(Base64.decode(this.mSharedPrefs.getString("_aes_key", ""), 2));
        Log.w("aes_key", "key:" + Arrays.toString(decRSA));
        return new SecretKeySpec(decRSA, AES_MODE);
    }

    private byte[] getIV() {
        byte[] decode = Base64.decode(this.mSharedPrefs.getString("_aes_iv", ""), 2);
        Log.w("aes_key", " iv:" + Arrays.toString(decode));
        return decode;
    }

    public static KStoreRSA getInstance() {
        return InstanceHolder.instance;
    }

    private void init(Context context) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
        if (Build.VERSION.SDK_INT >= 23) {
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(KEYSTORE_ALIAS, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build());
        } else {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias(KEYSTORE_ALIAS).setSubject(new X500Principal("CN=KEYSTORE_DEMO")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
        }
        keyPairGenerator.generateKeyPair();
        createOnceAESKeyAndStore();
    }

    private boolean isExistsAlready() throws Exception {
        KeyStore keyStore = this.mKeyStore;
        if (keyStore == null) {
            return false;
        }
        keyStore.load(null);
        return this.mKeyStore.containsAlias(KEYSTORE_ALIAS);
    }

    private boolean isInit() {
        return this.onceDo.get();
    }

    public byte[] decAES(byte[] bArr) throws Exception {
        if (!isInit()) {
            throw new IllegalStateException("Must init, call to initOnce");
        }
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(2, getAESKey(), new IvParameterSpec(getIV()));
        return cipher.doFinal(bArr);
    }

    public byte[] encAES(byte[] bArr) throws Exception {
        if (!isInit()) {
            throw new IllegalStateException("Must init, call to initOnce");
        }
        Cipher cipher = Cipher.getInstance(AES_MODE);
        cipher.init(1, getAESKey(), new IvParameterSpec(getIV()));
        return cipher.doFinal(bArr);
    }

    public boolean initOnce(Context context) {
        if (this.onceDo.compareAndSet(false, true)) {
            try {
                this.mSharedPrefs = context.getSharedPreferences("_sp_RSA->AES(key,iv)", 0);
                this.mKeyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
                if (isExistsAlready()) {
                    return true;
                }
                init(context);
                return true;
            } catch (Exception e) {
                this.onceDo.set(false);
                e.printStackTrace();
            }
        }
        return this.onceDo.get();
    }
}
