package defpackage;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import com.tencent.mm.algorithm.RSA;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Calendar;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import org.xwalk.core.XWalkAppVersion;

/* compiled from: KStoreRSA.java */
/* loaded from: classes6.dex */
public class ejt {
    private KeyStore hIE;
    private SharedPreferences hIF;
    private final AtomicBoolean hIG;

    /* compiled from: KStoreRSA.java */
    /* loaded from: classes6.dex */
    static final class a {
        private static final ejt hIH = new ejt();
    }

    private ejt() {
        this.hIG = new AtomicBoolean(false);
    }

    public static ejt ciT() {
        return a.hIH;
    }

    private boolean ciU() throws Exception {
        if (this.hIE == null) {
            return false;
        }
        this.hIE.load(null);
        return this.hIE.containsAlias("KEYSTORE_DEMO");
    }

    private void ciV() throws Exception {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[16];
        secureRandom.nextBytes(bArr);
        byte[] generateSeed = secureRandom.generateSeed(12);
        this.hIF.edit().putString("_aes_key", Base64.encodeToString(dg(bArr), 2)).commit();
        this.hIF.edit().putString("_aes_iv", Base64.encodeToString(generateSeed, 2)).commit();
    }

    private SecretKey ciW() throws Exception {
        byte[] dh = dh(Base64.decode(this.hIF.getString("_aes_key", ""), 2));
        Log.w("aes_key", "key:" + Arrays.toString(dh));
        return new SecretKeySpec(dh, "AES/GCM/NoPadding");
    }

    private byte[] dg(byte[] bArr) throws Exception {
        PublicKey publicKey = this.hIE.getCertificate("KEYSTORE_DEMO").getPublicKey();
        Cipher cipher = Cipher.getInstance(RSA.RSA_MODE_1);
        cipher.init(1, publicKey);
        return cipher.doFinal(bArr);
    }

    private byte[] dh(byte[] bArr) throws Exception {
        PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) this.hIE.getEntry("KEYSTORE_DEMO", null)).getPrivateKey();
        Cipher cipher = Cipher.getInstance(RSA.RSA_MODE_1);
        cipher.init(2, privateKey);
        return cipher.doFinal(bArr);
    }

    private byte[] getIV() {
        byte[] decode = Base64.decode(this.hIF.getString("_aes_iv", ""), 2);
        Log.w("aes_key", " iv:" + Arrays.toString(decode));
        return decode;
    }

    private void init(Context context) throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        if (Build.VERSION.SDK_INT >= 23) {
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder("KEYSTORE_DEMO", 3).setDigests(XWalkAppVersion.XWALK_APK_HASH_ALGORITHM, "SHA-512").setEncryptionPaddings("PKCS1Padding").build());
        } else {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias("KEYSTORE_DEMO").setSubject(new X500Principal("CN=KEYSTORE_DEMO")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
        }
        keyPairGenerator.generateKeyPair();
        ciV();
    }

    private boolean isInit() {
        return this.hIG.get();
    }

    public boolean dU(Context context) {
        if (this.hIG.compareAndSet(false, true)) {
            try {
                this.hIF = context.getSharedPreferences("_sp_RSA->AES(key,iv)", 0);
                this.hIE = KeyStore.getInstance("AndroidKeyStore");
                if (ciU()) {
                    return true;
                }
                init(context);
                return true;
            } catch (Exception e) {
                this.hIG.set(false);
                e.printStackTrace();
            }
        }
        return this.hIG.get();
    }

    public byte[] di(byte[] bArr) throws Exception {
        if (!isInit()) {
            throw new IllegalStateException("Must init, call to initOnce");
        }
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, ciW(), new IvParameterSpec(getIV()));
        return cipher.doFinal(bArr);
    }

    public byte[] dj(byte[] bArr) throws Exception {
        if (!isInit()) {
            throw new IllegalStateException("Must init, call to initOnce");
        }
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, ciW(), new IvParameterSpec(getIV()));
        return cipher.doFinal(bArr);
    }
}
