package com.xiaomi.passport.utils;

import android.text.TextUtils;
import android.util.Base64;
import com.xiaomi.accountsdk.request.CipherException;
import com.xiaomi.accountsdk.utils.AESCoder;
import fm.qingting.qtsdk.BuildConfig;
import java.io.ByteArrayInputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import org.apache.http.protocol.HTTP;

/* loaded from: classes2.dex */
public class PassportEnvEncryptUtils {
    private static volatile SecretKey mAesKey;
    private static volatile String mEncryptedKey;
    private static volatile PublicKey mRsaPublicKey;
    private static String rsaPublicKeyStr = "-----BEGIN CERTIFICATE-----\nMIICDzCCAXigAwIBAgIEWBw0IzANBgkqhkiG9w0BAQUFADBMMQswCQYDVQQGEwJD\nTjEPMA0GA1UEChMGeGlhb21pMQ8wDQYDVQQLEwZ4aWFvbWkxGzAZBgNVBAMTEmFj\nY291bnQueGlhb21pLmNvbTAeFw0xNjExMDQwNzA5MjNaFw0xNzExMDQwNzA5MjNa\nMEwxCzAJBgNVBAYTAkNOMQ8wDQYDVQQKEwZ4aWFvbWkxDzANBgNVBAsTBnhpYW9t\naTEbMBkGA1UEAxMSYWNjb3VudC54aWFvbWkuY29tMIGfMA0GCSqGSIb3DQEBAQUA\nA4GNADCBiQKBgQCHcPEm9Wo8/LWHL8mohOV5YalTgZLzng+nWCEkIRP//6GohYlI\nh3dvGpueJvQ3Sany/3dLx0x6MQKA34NxRyoO37R/LgPZUfe6eWzHQeColBBHxTED\nbCqDh46Gv5vogjqHRl4+q2WGCmZOIfmPjNHQWG8sMIZyTqFCLc6gk9vSewIDAQAB\nMA0GCSqGSIb3DQEBBQUAA4GBAHaPnscaxSPh0N0Z5OgQ6PcWr5uYPLMweatYGZRH\nSFxwSqYXpqIowuRxmrBj+oE5rG5rzFCtNjCBoeMVy/7JXZr9Juaw9NCWaTaqrmIV\nP4nK/0kizCvkx3088OOCGextGeZUC9/PCbVUEcRvGLwSrvgqiC1KG4ufeIdQWBaJ\n8ZlG\n-----END CERTIFICATE-----\n";

    /* loaded from: classes2.dex */
    public class EncryptException extends Exception {
        public EncryptException(Throwable th) {
            super(th);
        }
    }

    /* loaded from: classes2.dex */
    public class EncryptResult {
        public String content;
        public String encryptedKey;
    }

    private static String aesEncrypt(String str, SecretKey secretKey) throws EncryptException {
        try {
            return new AESCoder(secretKey.getEncoded()).encrypt(str);
        } catch (CipherException e) {
            throw new EncryptException(e);
        }
    }

    public static EncryptResult encrypt(String str) throws EncryptException {
        EncryptResult encryptResult = new EncryptResult();
        synchronized (PassportEnvEncryptUtils.class) {
            if (mAesKey == null || mEncryptedKey == null) {
                mAesKey = generateSymmetricKey();
                mEncryptedKey = rsaEncrypt(Base64.encodeToString(mAesKey.getEncoded(), 10), getRsaPublicKey());
            }
        }
        encryptResult.content = aesEncrypt(str, mAesKey);
        encryptResult.encryptedKey = mEncryptedKey;
        return encryptResult;
    }

    public static EncryptResult encrypt(String[] strArr) throws EncryptException {
        return encrypt(TextUtils.join(":", strArr));
    }

    private static String encrypt(String str, Key key, String str2) throws EncryptException {
        if (TextUtils.isEmpty(str)) {
            return BuildConfig.FLAVOR;
        }
        try {
            return new String(Base64.encode(encrypt(str.getBytes(HTTP.UTF_8), key, str2), 10), HTTP.UTF_8);
        } catch (UnsupportedEncodingException e) {
            throw new EncryptException(e);
        }
    }

    private static byte[] encrypt(byte[] bArr, Key key, String str) throws EncryptException {
        try {
            Cipher cipher = Cipher.getInstance(str);
            cipher.init(1, key);
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException e) {
            throw new EncryptException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new EncryptException(e2);
        } catch (BadPaddingException e3) {
            throw new EncryptException(e3);
        } catch (IllegalBlockSizeException e4) {
            throw new EncryptException(e4);
        } catch (NoSuchPaddingException e5) {
            throw new EncryptException(e5);
        }
    }

    private static SecretKey generateSymmetricKey() throws EncryptException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(new SecureRandom());
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException e) {
            throw new EncryptException(e);
        }
    }

    private static PublicKey getRsaPublicKey() throws EncryptException {
        if (mRsaPublicKey != null) {
            return mRsaPublicKey;
        }
        try {
            mRsaPublicKey = ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(rsaPublicKeyStr.getBytes(HTTP.UTF_8)))).getPublicKey();
            return mRsaPublicKey;
        } catch (UnsupportedEncodingException e) {
            throw new EncryptException(e);
        } catch (CertificateException e2) {
            throw new EncryptException(e2);
        }
    }

    private static String rsaEncrypt(String str, PublicKey publicKey) throws EncryptException {
        return encrypt(str, publicKey, "RSA/ECB/PKCS1Padding");
    }
}
