package com.sankuai.meituan.tte;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.NonNull;
import android.support.annotation.RequiresApi;
import android.support.annotation.VisibleForTesting;
import com.sankuai.common.utils.ProcessUtils;
import com.sankuai.meituan.tte.w;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.interfaces.RSAKey;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public abstract class o<K> {

    @SuppressLint({"StaticFieldLeak"})
    private static volatile o<?> c;
    protected final Context a;
    final String b;
    private final String d;
    private final String e;
    private volatile K f;

    @RequiresApi(api = 23)
    /* loaded from: classes3.dex */
    static class a extends o<SecretKey> {
        a(Context context) {
            super(context, "com.sankuai.meituan.tte.master_key-aes-128:", "data_key-aes-128:", "aes");
        }

        @Override // com.sankuai.meituan.tte.o
        protected final /* synthetic */ SecretKey a(String str) throws GeneralSecurityException {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setKeySize(128).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
            return keyGenerator.generateKey();
        }

        @Override // com.sankuai.meituan.tte.o
        protected final /* synthetic */ SecretKey a(KeyStore keyStore, String str) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException {
            Key key = keyStore.getKey(str, null);
            if (key instanceof SecretKey) {
                return (SecretKey) key;
            }
            return null;
        }

        @Override // com.sankuai.meituan.tte.o
        public final /* synthetic */ byte[] a(byte[] bArr, SecretKey secretKey) throws GeneralSecurityException {
            byte[] bArr2 = new byte[12];
            new SecureRandom().nextBytes(bArr2);
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, secretKey, new GCMParameterSpec(128, bArr2));
            return x.a(bArr2, cipher.doFinal(bArr));
        }

        @Override // com.sankuai.meituan.tte.o
        public final /* synthetic */ byte[] b(byte[] bArr, SecretKey secretKey) throws GeneralSecurityException {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, secretKey, new GCMParameterSpec(128, bArr, 0, 12));
            return cipher.doFinal(bArr, 12, bArr.length - 12);
        }
    }

    /* loaded from: classes3.dex */
    static class b extends o<KeyPair> {
        b(Context context) {
            super(context, "com.sankuai.meituan.tte.master_key-2048:", "data_key-2048:", "rsa");
        }

        @Override // com.sankuai.meituan.tte.o
        protected final /* synthetic */ KeyPair a(String str) throws GeneralSecurityException {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 100);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(this.a).setKeySize(2048).setAlias(str).setSubject(new X500Principal("CN=TTE")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
            return keyPairGenerator.generateKeyPair();
        }

        @Override // com.sankuai.meituan.tte.o
        protected final /* synthetic */ KeyPair a(KeyStore keyStore, String str) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException {
            Key key = keyStore.getKey(str, null);
            PrivateKey privateKey = ((key instanceof PrivateKey) && (key instanceof RSAKey)) ? (PrivateKey) key : null;
            Certificate certificate = keyStore.getCertificate(str);
            PublicKey publicKey = (certificate == null || !(certificate.getPublicKey() instanceof RSAKey)) ? null : certificate.getPublicKey();
            if (privateKey == null || publicKey == null) {
                return null;
            }
            return new KeyPair(publicKey, privateKey);
        }

        @Override // com.sankuai.meituan.tte.o
        public final /* synthetic */ byte[] a(byte[] bArr, KeyPair keyPair) throws GeneralSecurityException {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, keyPair.getPublic());
            return cipher.doFinal(bArr);
        }

        @Override // com.sankuai.meituan.tte.o
        public final /* synthetic */ byte[] b(byte[] bArr, KeyPair keyPair) throws GeneralSecurityException {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, keyPair.getPrivate());
            return cipher.doFinal(bArr);
        }
    }

    protected o(Context context, String str, String str2, String str3) {
        this.a = context;
        this.d = str;
        this.e = str2;
        this.b = str3;
    }

    public static o<?> a(Context context) {
        o<?> bVar;
        if (c == null) {
            synchronized (o.class) {
                if (c == null) {
                    if (Build.VERSION.SDK_INT >= 23 && !e.a(context).b) {
                        bVar = new a(context);
                        c = bVar;
                    }
                    bVar = new b(context);
                    c = bVar;
                }
            }
        }
        return c;
    }

    @VisibleForTesting
    @NonNull
    private K a() throws KeyStoreException {
        if (this.f == null) {
            synchronized (o.class) {
                if (this.f == null) {
                    this.f = b();
                }
            }
        }
        return this.f;
    }

    @VisibleForTesting
    @NonNull
    private K b() throws KeyStoreException {
        boolean containsAlias;
        K a2;
        String str = this.d + ProcessUtils.getCurrentProcessName(this.a);
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            try {
                containsAlias = keyStore.containsAlias(str);
            } catch (NullPointerException unused) {
                t.a("SecureBox", "Keystore is temporarily unavailable.", null);
                try {
                    Thread.sleep(20L);
                } catch (InterruptedException unused2) {
                }
                keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                containsAlias = keyStore.containsAlias(str);
            }
            t.c("SecureBox", "containsAlias[" + str + "]: " + containsAlias);
            if (containsAlias && (a2 = a(keyStore, str)) != null) {
                t.b("SecureBox", "did get master key");
                return a2;
            }
        } catch (Throwable th) {
            t.b("SecureBox", "get master key", th);
        }
        try {
            t.b("SecureBox", "try gen master key");
            K a3 = a(str);
            t.b("SecureBox", "did gen master key");
            return a3;
        } catch (Throwable th2) {
            throw new KeyStoreException("gen master key", th2);
        }
    }

    protected abstract K a(String str) throws GeneralSecurityException;

    protected abstract K a(KeyStore keyStore, String str) throws NoSuchAlgorithmException, UnrecoverableEntryException, KeyStoreException;

    public final String a(w.d dVar, w.c cVar) {
        return this.e + dVar + ":" + cVar.c;
    }

    public final byte[] a(byte[] bArr) throws GeneralSecurityException {
        return a(bArr, (byte[]) a());
    }

    protected abstract byte[] a(byte[] bArr, K k) throws GeneralSecurityException;

    public final byte[] b(byte[] bArr) throws GeneralSecurityException {
        return b(bArr, a());
    }

    protected abstract byte[] b(byte[] bArr, K k) throws GeneralSecurityException;
}
