package cn.iclass.lianpin.util;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.RequiresApi;
import android.util.Base64;
import com.itextpdf.text.pdf.security.DigestAlgorithms;
import com.itextpdf.text.pdf.security.SecurityConstants;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class KeyStoreManager {
    private static final String AES_MODE = "AES/GCM/NoPadding";
    private static final String KEYSTORE_ALIAS = "LianPin";
    private static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private KeyStore keyStore;

    /* loaded from: classes.dex */
    private static class KeyStoreManagerHolder {
        private static final KeyStoreManager sECKeyManager = new KeyStoreManager();

        private KeyStoreManagerHolder() {
        }
    }

    private void genKeyStoreKey(Context context) throws Exception {
        if (Build.VERSION.SDK_INT >= 23) {
            generateRSAKey_AboveApi23();
        } else {
            generateRSAKey_BelowApi23(context);
        }
    }

    @RequiresApi(api = 23)
    private void generateRSAKey_AboveApi23() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConstants.RSA, KEYSTORE_PROVIDER);
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(KEYSTORE_ALIAS, 3).setDigests("SHA-256", DigestAlgorithms.SHA512).setEncryptionPaddings("PKCS1Padding").build());
        keyPairGenerator.generateKeyPair();
    }

    private void generateRSAKey_BelowApi23(Context context) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 100);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(KEYSTORE_ALIAS).setSubject(new X500Principal("CN=LianPin")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConstants.RSA, KEYSTORE_PROVIDER);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    public static KeyStoreManager getInstance() {
        return KeyStoreManagerHolder.sECKeyManager;
    }

    public String decryptRSA(String str) throws Exception {
        PrivateKey privateKey = (PrivateKey) this.keyStore.getKey(KEYSTORE_ALIAS, null);
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(2, privateKey);
        return new String(cipher.doFinal(Base64.decode(str, 0)), StandardCharsets.UTF_8);
    }

    public String encryptRSA(String str) throws Exception {
        PublicKey publicKey = this.keyStore.getCertificate(KEYSTORE_ALIAS).getPublicKey();
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)), 0);
    }

    public void init(Context context) throws Exception {
        this.keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
        this.keyStore.load(null);
        if (this.keyStore.containsAlias(KEYSTORE_ALIAS)) {
            return;
        }
        genKeyStoreKey(context);
    }
}
