package com.szqd.wittyedu.common.util;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

/* compiled from: KS.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000>\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0012\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0005\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\u0018\u0000 \u00192\u00020\u0001:\u0001\u0019B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u000e\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000eJ\u0010\u0010\u000f\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000eH\u0002J\u000e\u0010\u0010\u001a\u00020\u000e2\u0006\u0010\u0011\u001a\u00020\fJ\u0010\u0010\u0012\u001a\u00020\u000e2\u0006\u0010\u0011\u001a\u00020\fH\u0002J\b\u0010\u0013\u001a\u00020\u0014H\u0002J\u0010\u0010\u0015\u001a\u00020\u00142\u0006\u0010\u0002\u001a\u00020\u0003H\u0002J\b\u0010\u0016\u001a\u00020\u0017H\u0002J\b\u0010\u0018\u001a\u00020\fH\u0002R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n\u0000R\u0011\u0010\u0007\u001a\u00020\b¢\u0006\b\n\u0000\u001a\u0004\b\t\u0010\n¨\u0006\u001a"}, d2 = {"Lcom/szqd/wittyedu/common/util/KS;", "", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", "keyStore", "Ljava/security/KeyStore;", "sp", "Landroid/content/SharedPreferences;", "getSp", "()Landroid/content/SharedPreferences;", "decrypt", "", "encryptedText", "", "decryptRSA", "encrypt", "bytes", "encryptRSA", "generateAESKey", "", "generateKey", "getAK", "Ljavax/crypto/SecretKey;", "getIV", "Companion", "app_release"}, k = 1, mv = {1, 4, 1})
/* loaded from: classes2.dex */
public final class KS {
    private static final String AES = "AES/GCM/NoPadding";
    private static final String AKS = "AndroidKeyStore";
    private static final String ALIAS = "witty";
    public static final String EMPTY = "";
    private static final String RSA = "RSA/ECB/PKCS1Padding";
    private final KeyStore keyStore;
    private final SharedPreferences sp;

    public KS(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        KeyStore keyStore = KeyStore.getInstance(AKS);
        Intrinsics.checkNotNullExpressionValue(keyStore, "KeyStore.getInstance(AKS)");
        this.keyStore = keyStore;
        keyStore.load(null);
        SharedPreferences sharedPreferences = context.getSharedPreferences("ks", 0);
        Intrinsics.checkNotNullExpressionValue(sharedPreferences, "context.getSharedPrefere…s\", Context.MODE_PRIVATE)");
        this.sp = sharedPreferences;
        if (keyStore.containsAlias(ALIAS)) {
            return;
        }
        generateKey(context);
        generateAESKey();
    }

    private final byte[] decryptRSA(String encryptedText) {
        Key key = this.keyStore.getKey(ALIAS, null);
        Objects.requireNonNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(2, (PrivateKey) key);
        byte[] doFinal = cipher.doFinal(Base64.decode(encryptedText, 0));
        Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(encryptedBytes)");
        return doFinal;
    }

    private final String encryptRSA(byte[] bytes) {
        Certificate certificate = this.keyStore.getCertificate(ALIAS);
        Intrinsics.checkNotNullExpressionValue(certificate, "keyStore.getCertificate(ALIAS)");
        PublicKey publicKey = certificate.getPublicKey();
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(1, publicKey);
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        Intrinsics.checkNotNullExpressionValue(encodeToString, "Base64.encodeToString(en…ptedByte, Base64.DEFAULT)");
        return encodeToString;
    }

    private final void generateAESKey() {
        byte[] bArr = new byte[16];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextBytes(bArr);
        byte[] generated = secureRandom.generateSeed(12);
        Intrinsics.checkNotNullExpressionValue(generated, "generated");
        this.sp.edit().putString("iv", encryptRSA(generated)).apply();
        this.sp.edit().putString("ak", encryptRSA(bArr)).apply();
    }

    private final void generateKey(Context context) {
        KeyPairGeneratorSpec keyPairGeneratorSpec;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", AKS);
        if (Build.VERSION.SDK_INT >= 23) {
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(ALIAS, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
            Intrinsics.checkNotNullExpressionValue(build, "KeyGenParameterSpec.Buil…                 .build()");
            keyPairGeneratorSpec = build;
        } else {
            Calendar start = Calendar.getInstance();
            Calendar end = Calendar.getInstance();
            end.add(1, 30);
            KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias(ALIAS).setSubject(new X500Principal("CN=witty")).setSerialNumber(BigInteger.TEN);
            Intrinsics.checkNotNullExpressionValue(start, "start");
            KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(start.getTime());
            Intrinsics.checkNotNullExpressionValue(end, "end");
            KeyPairGeneratorSpec build2 = startDate.setEndDate(end.getTime()).build();
            Intrinsics.checkNotNullExpressionValue(build2, "KeyPairGeneratorSpec.Bui…                 .build()");
            keyPairGeneratorSpec = build2;
        }
        keyPairGenerator.initialize(keyPairGeneratorSpec);
        keyPairGenerator.generateKeyPair();
    }

    private final SecretKey getAK() {
        String string = this.sp.getString("ak", null);
        if (string == null) {
            string = "";
        }
        Intrinsics.checkNotNullExpressionValue(string, "sp.getString(\"ak\", null) ?: EMPTY");
        return new SecretKeySpec(decryptRSA(string), AES);
    }

    private final byte[] getIV() {
        String string = this.sp.getString("iv", null);
        if (string == null) {
            string = "";
        }
        Intrinsics.checkNotNullExpressionValue(string, "sp.getString(\"iv\", null) ?: EMPTY");
        return decryptRSA(string);
    }

    public final byte[] decrypt(String encryptedText) {
        Intrinsics.checkNotNullParameter(encryptedText, "encryptedText");
        byte[] bytes = encryptedText.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] decode = Base64.decode(bytes, 0);
        Cipher cipher = Cipher.getInstance(AES);
        cipher.init(2, getAK(), new IvParameterSpec(getIV()));
        byte[] doFinal = cipher.doFinal(decode);
        Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(decodedBytes)");
        return doFinal;
    }

    public final String encrypt(byte[] bytes) {
        Intrinsics.checkNotNullParameter(bytes, "bytes");
        Cipher cipher = Cipher.getInstance(AES);
        cipher.init(1, getAK(), new IvParameterSpec(getIV()));
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        Intrinsics.checkNotNullExpressionValue(encodeToString, "Base64.encodeToString(en…tedBytes, Base64.DEFAULT)");
        return encodeToString;
    }

    public final SharedPreferences getSp() {
        return this.sp;
    }
}
