package com.itop.gcloud.msdk.popup.utils;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.vasd.pandora.srp.util.debug.TraceFormat;
import java.io.File;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.UUID;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public class MSDKCryptUtils {
    private static final String AES_BLOCK_MODES = "CBC";
    private static final String AES_ENCRYPTION_PADDINGS = "PKCS7Padding";
    private static final String AES_MODE = "AES/CBC/PKCS7Padding";
    private static final String AES_UUID = "AES_UUID";
    private static final String ALGORITHM_AES = "AES";
    private static final String ALGORITHM_RSA = "RSA";
    private static final String AndroidKeyStore = "AndroidKeyStore";
    private static final String KEY_ALIAS_AES = "MSDKPopupAESKey";
    private static final String KEY_ALIAS_RSA = "MSDKPopupRSAKey";
    private static final String POPUP_SP = "POPUP_SP";
    private static final String RSA_BLOCK_MODES = "ECB";
    private static final String RSA_ENCRYPTION_PADDINGS = "PKCS1Padding";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final int ivLen = 16;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.itop.gcloud.msdk.popup.utils.MSDKCryptUtils$1, reason: invalid class name */
    /* loaded from: classes3.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$itop$gcloud$msdk$popup$utils$MSDKCryptUtils$KeyEntry$Type;

        static {
            int[] iArr = new int[KeyEntry.Type.values().length];
            $SwitchMap$com$itop$gcloud$msdk$popup$utils$MSDKCryptUtils$KeyEntry$Type = iArr;
            try {
                iArr[KeyEntry.Type.KEYSTORE_AES.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$itop$gcloud$msdk$popup$utils$MSDKCryptUtils$KeyEntry$Type[KeyEntry.Type.KEYSTORE_RSA.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$itop$gcloud$msdk$popup$utils$MSDKCryptUtils$KeyEntry$Type[KeyEntry.Type.SIMPLE.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class KeyEntry {
        public Key key;
        public Type type;

        /* loaded from: classes3.dex */
        public enum Type {
            UNKNOWN(-1),
            KEYSTORE_AES(1),
            KEYSTORE_RSA(2),
            SIMPLE(3);

            public int id;

            Type(int i) {
                this.id = i;
            }

            public static Type valueOf(int i) {
                for (Type type : values()) {
                    if (i == type.id) {
                        return type;
                    }
                }
                return UNKNOWN;
            }
        }

        private KeyEntry() {
        }

        /* synthetic */ KeyEntry(AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    /* loaded from: classes3.dex */
    public interface OnUpdateEncryptionListener {
        void onUpdate(byte[] bArr);
    }

    public static String decrypt(Context context, String str) {
        return TextUtils.isEmpty(str) ? "" : decrypt(context, str.getBytes(), (OnUpdateEncryptionListener) null);
    }

    public static String decrypt(Context context, String str, OnUpdateEncryptionListener onUpdateEncryptionListener) {
        return TextUtils.isEmpty(str) ? "" : decrypt(context, str.getBytes(), onUpdateEncryptionListener);
    }

    public static String decrypt(Context context, byte[] bArr) {
        return decrypt(context, bArr, (OnUpdateEncryptionListener) null);
    }

    public static String decrypt(Context context, byte[] bArr, OnUpdateEncryptionListener onUpdateEncryptionListener) {
        Key keyFromKeyStore;
        if (context != null && bArr != null && bArr.length > 1) {
            try {
                int intValue = Integer.valueOf(new String(bArr, 0, 1)).intValue();
                try {
                    int i = AnonymousClass1.$SwitchMap$com$itop$gcloud$msdk$popup$utils$MSDKCryptUtils$KeyEntry$Type[KeyEntry.Type.valueOf(intValue).ordinal()];
                    if (i == 1) {
                        keyFromKeyStore = getKeyFromKeyStore();
                    } else if (i == 2) {
                        keyFromKeyStore = getKeyByRSA(context);
                    } else {
                        if (i != 3) {
                            return "";
                        }
                        keyFromKeyStore = getSimpleKey(context);
                    }
                    if (keyFromKeyStore == null) {
                        return "";
                    }
                    Cipher cipher = Cipher.getInstance(AES_MODE);
                    int ivDataBase64Len = getIvDataBase64Len();
                    cipher.init(2, keyFromKeyStore, new IvParameterSpec(Base64.decode(bArr, 1, ivDataBase64Len, 0)));
                    byte[] doFinal = cipher.doFinal(Base64.decode(bArr, ivDataBase64Len + 1, (bArr.length - 1) - ivDataBase64Len, 0));
                    if (onUpdateEncryptionListener != null) {
                        if (intValue > KeyEntry.Type.KEYSTORE_AES.id && Build.VERSION.SDK_INT >= 23) {
                            onUpdateEncryptionListener.onUpdate(doFinal);
                        } else if (intValue > KeyEntry.Type.KEYSTORE_RSA.id && Build.VERSION.SDK_INT >= 18) {
                            onUpdateEncryptionListener.onUpdate(doFinal);
                        }
                    }
                    return new String(doFinal);
                } catch (Exception e) {
                    MSDKPopupLog.e(e.toString());
                }
            } catch (Exception unused) {
            }
        }
        return "";
    }

    private static String decryptByRSA(String str, KeyPair keyPair) throws Exception {
        if (TextUtils.isEmpty(str) || keyPair == null) {
            throw new Exception("content is empty or keyPair is null!");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, keyPair.getPrivate());
        return new String(cipher.doFinal(Base64.decode(str.getBytes(), 0)));
    }

    public static String encrypt(Context context, String str) {
        return TextUtils.isEmpty(str) ? "" : encrypt(context, str.getBytes());
    }

    public static String encrypt(Context context, byte[] bArr) {
        if (context == null || bArr == null || bArr.length <= 0) {
            return "";
        }
        try {
            Cipher cipher = Cipher.getInstance(AES_MODE);
            KeyEntry key = getKey(context);
            if (key.key != null && key.type != KeyEntry.Type.UNKNOWN) {
                byte[] randomIVData = getRandomIVData();
                String encodeToString = Base64.encodeToString(randomIVData, 0);
                cipher.init(1, key.key, new IvParameterSpec(randomIVData));
                return key.type.id + encodeToString + Base64.encodeToString(cipher.doFinal(bArr), 0);
            }
            return "";
        } catch (Exception e) {
            MSDKPopupLog.e(e.toString());
            return null;
        }
    }

    private static String encryptByRSA(String str, KeyPair keyPair) throws Exception {
        if (TextUtils.isEmpty(str) || keyPair == null) {
            throw new Exception("content is empty or keyPair is null!");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, keyPair.getPublic());
        return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
    }

    private static int getIvDataBase64Len() {
        int ceil = ((int) Math.ceil(5.333333333333333d)) * 4;
        return ceil + (ceil / 76) + 1;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private static KeyEntry getKey(Context context) {
        Key key = null;
        KeyEntry keyEntry = new KeyEntry(0 == true ? 1 : 0);
        if (Build.VERSION.SDK_INT >= 23) {
            key = getKeyFromKeyStore();
            keyEntry.type = KeyEntry.Type.KEYSTORE_AES;
        } else if (Build.VERSION.SDK_INT >= 18) {
            key = getKeyByRSA(context);
            keyEntry.type = KeyEntry.Type.KEYSTORE_RSA;
        }
        if (key == null) {
            key = getSimpleKey(context);
            keyEntry.type = KeyEntry.Type.SIMPLE;
        }
        keyEntry.key = key;
        return keyEntry;
    }

    private static Key getKeyByRSA(Context context) {
        String decryptByRSA;
        KeyPair keyPairFromKeyStore = getKeyPairFromKeyStore(context);
        if (keyPairFromKeyStore != null) {
            SharedPreferences sharedPreferences = context.getSharedPreferences(POPUP_SP, 0);
            String string = sharedPreferences.contains(AES_UUID) ? sharedPreferences.getString(AES_UUID, "") : null;
            if (TextUtils.isEmpty(string)) {
                decryptByRSA = UUID.randomUUID().toString().replace(TraceFormat.STR_UNKNOWN, "").substring(0, 16);
                try {
                    sharedPreferences.edit().putString(AES_UUID, encryptByRSA(decryptByRSA, keyPairFromKeyStore)).commit();
                } catch (Exception e) {
                    MSDKPopupLog.e(e.toString());
                    return null;
                }
            } else {
                try {
                    decryptByRSA = decryptByRSA(string, keyPairFromKeyStore);
                } catch (Exception e2) {
                    MSDKPopupLog.e(e2.toString());
                }
            }
            if (!TextUtils.isEmpty(decryptByRSA)) {
                return new SecretKeySpec(decryptByRSA.getBytes(), "AES");
            }
        }
        return null;
    }

    private static Key getKeyFromKeyStore() {
        if (Build.VERSION.SDK_INT >= 23) {
            try {
                KeyStore keyStore = KeyStore.getInstance(AndroidKeyStore);
                if (keyStore != null) {
                    keyStore.load(null);
                    if (keyStore.containsAlias(KEY_ALIAS_AES)) {
                        return keyStore.getKey(KEY_ALIAS_AES, null);
                    }
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", AndroidKeyStore);
                    keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_ALIAS_AES, 3).setBlockModes(AES_BLOCK_MODES).setEncryptionPaddings(AES_ENCRYPTION_PADDINGS).setUserAuthenticationRequired(false).setRandomizedEncryptionRequired(false).build());
                    return keyGenerator.generateKey();
                }
            } catch (Exception e) {
                MSDKPopupLog.e(e.toString());
            }
        }
        return null;
    }

    private static KeyPair getKeyPairFromKeyStore(Context context) {
        if (Build.VERSION.SDK_INT >= 18) {
            try {
                KeyStore keyStore = KeyStore.getInstance(AndroidKeyStore);
                keyStore.load(null);
                if (!keyStore.containsAlias(KEY_ALIAS_RSA)) {
                    Calendar calendar = Calendar.getInstance();
                    Calendar calendar2 = Calendar.getInstance();
                    calendar2.add(1, 10);
                    KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(KEY_ALIAS_RSA).setSubject(new X500Principal("CN=MSDKPopupRSAKey")).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM_RSA, AndroidKeyStore);
                    keyPairGenerator.initialize(build);
                    return keyPairGenerator.generateKeyPair();
                }
                Key key = keyStore.getKey(KEY_ALIAS_RSA, null);
                if (key instanceof PrivateKey) {
                    return new KeyPair(keyStore.getCertificate(KEY_ALIAS_RSA).getPublicKey(), (PrivateKey) key);
                }
            } catch (Exception e) {
                MSDKPopupLog.e(e.toString());
            }
        }
        return null;
    }

    private static byte[] getRandomIVData() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private static Key getSimpleKey(Context context) {
        try {
            File file = new File(context.getFilesDir(), ".MSDKPopupConfig/.MSDKPopupConfig");
            if (!file.exists()) {
                File parentFile = file.getParentFile();
                if ((parentFile.exists() || parentFile.mkdirs()) && file.createNewFile()) {
                    if (!FileUtils.write(file.getAbsolutePath(), simpleEncrypt(UUID.randomUUID().toString().replace(TraceFormat.STR_UNKNOWN, "").substring(0, 16)).getBytes())) {
                        return null;
                    }
                    file.setWritable(false, false);
                }
                return null;
            }
            return new SecretKeySpec(simpleDecrypt(new String(FileUtils.read(file))).getBytes(), "AES");
        } catch (Exception unused) {
            return null;
        }
    }

    private static String simpleDecrypt(String str) {
        byte[] decode = Base64.decode(str, 0);
        for (int i = 0; i < decode.length; i++) {
            decode[i] = (byte) (~decode[i]);
        }
        return new String(decode);
    }

    private static String simpleEncrypt(String str) {
        byte[] bytes = str.getBytes();
        for (int i = 0; i < bytes.length; i++) {
            bytes[i] = (byte) (~bytes[i]);
        }
        return Base64.encodeToString(bytes, 0);
    }
}
