package com.indigitall.android.commons.utils;

import D.i;
import Dt.l;
import Dt.m;
import Ir.C3234f;
import Ir.E;
import Uc.C4859i;
import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.indigitall.android.commons.models.KeyExchange;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import kotlin.jvm.internal.C10473w;
import kotlin.jvm.internal.L;

/* loaded from: classes5.dex */
public final class SecretDataUtils {

    @l
    public static final Companion Companion = new Companion(null);

    @l
    private static final String TAG = "[IND]SecretDataUtils";

    @m
    private byte[] keyByteArray;

    @l
    private final String ANDROID_KEYSTORE = i.f6024c;

    @l
    private final String KEYALIAS = "KEYALIAS";

    @l
    private final String ALGORITHM_RSA = "RSA";

    @l
    private final String ALGORITHM_RSA_PADDING_OAEP = "RSA/ECB/OAEPPadding";

    @l
    private final String ALGORITHM_AES = "AES";

    @l
    private final String ALGORITHM_AES_PADDING = "AES/ECB/PKCS7Padding";

    @l
    private final String ALLOWED_CHARACTERS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

    /* loaded from: classes5.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(C10473w c10473w) {
            this();
        }
    }

    private final byte[] decryptAES(byte[] bArr, byte[] bArr2) {
        Log log = new Log("[IND]SecretDataUtils#decryptAES");
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, this.ALGORITHM_AES);
            Cipher cipher = Cipher.getInstance(this.ALGORITHM_AES_PADDING);
            cipher.init(2, secretKeySpec);
            return cipher.doFinal(bArr2);
        } catch (Exception e10) {
            log.e("decryptAES: " + e10.getLocalizedMessage()).e(e10.getStackTrace().toString()).writeLog();
            return null;
        }
    }

    private final byte[] decryptPushRSA(PrivateKey privateKey, String str) {
        Log log = new Log("[IND]SecretDataUtils#decryptPushRSA");
        try {
            Cipher cipher = Cipher.getInstance(this.ALGORITHM_RSA_PADDING_OAEP);
            cipher.init(2, privateKey);
            return cipher.doFinal(Base64.decode(str, 0));
        } catch (Exception e10) {
            log.e("decryptPushRSA: " + e10.getLocalizedMessage()).e(e10.getStackTrace().toString()).writeLog();
            return null;
        }
    }

    private final byte[] encryptAES(byte[] bArr, byte[] bArr2) {
        Log log = new Log("[IND]SecretDataUtils#encryptAES");
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, this.ALGORITHM_AES);
            Cipher cipher = Cipher.getInstance(this.ALGORITHM_AES_PADDING);
            cipher.init(1, secretKeySpec);
            return cipher.doFinal(bArr2);
        } catch (Exception e10) {
            log.e("encryptAES: " + e10.getLocalizedMessage()).e(e10.getStackTrace().toString()).writeLog();
            return null;
        }
    }

    private final byte[] encryptRSA(byte[] bArr, byte[] bArr2) {
        Log log = new Log("[IND]SecretDataUtils#encryptRSA");
        try {
            PublicKey generatePublic = KeyFactory.getInstance(this.ALGORITHM_RSA).generatePublic(new X509EncodedKeySpec(bArr));
            Cipher cipher = Cipher.getInstance(this.ALGORITHM_RSA_PADDING_OAEP);
            cipher.init(1, generatePublic);
            return cipher.doFinal(bArr2);
        } catch (Exception e10) {
            log.e("encryptRSA: " + e10.getLocalizedMessage()).e(e10.getStackTrace().toString()).writeLog();
            return null;
        }
    }

    private final KeyPair generateKeys(Context context) {
        try {
            L.o(Calendar.getInstance(), "getInstance()");
            Calendar calendar = Calendar.getInstance();
            L.o(calendar, "getInstance()");
            calendar.add(1, 1);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", this.ANDROID_KEYSTORE);
            L.o(keyPairGenerator, "getInstance(KeyPropertie…HM_RSA, ANDROID_KEYSTORE)");
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(this.KEYALIAS, 3);
            builder.setDigests("SHA-256", C4859i.f46736a);
            builder.setBlockModes("ECB");
            builder.setEncryptionPaddings("OAEPPadding");
            builder.setKeySize(2048);
            keyPairGenerator.initialize(builder.build());
            return keyPairGenerator.genKeyPair();
        } catch (Exception e10) {
            e10.printStackTrace();
            return null;
        }
    }

    private final String getRandomString(int i10) {
        SecureRandom secureRandom = new SecureRandom();
        StringBuilder sb2 = new StringBuilder(i10);
        for (int i11 = 0; i11 < i10; i11++) {
            String str = this.ALLOWED_CHARACTERS;
            sb2.append(str.charAt(secureRandom.nextInt(str.length())));
        }
        return sb2.toString();
    }

    private final void setKeyPair(Context context, KeyPair keyPair) {
        PublicKey publicKey;
        PrivateKey privateKey;
        if (keyPair != null && (privateKey = keyPair.getPrivate()) != null) {
            CorePreferenceUtils.setPrivateKey(context, Base64.encodeToString(privateKey.getEncoded(), 0));
        }
        if (keyPair == null || (publicKey = keyPair.getPublic()) == null) {
            return;
        }
        CorePreferenceUtils.setPublicKey(context, Base64.encodeToString(publicKey.getEncoded(), 0));
    }

    @l
    public final String cleanKey(@l String key) {
        L.p(key, "key");
        return E.l2(E.l2(E.l2(E.l2(key, "-----BEGIN PUBLIC KEY-----", "", false, 4, null), "-----END PUBLIC KEY-----", "", false, 4, null), "\r", "", false, 4, null), "\n", "", false, 4, null);
    }

    @m
    public final String decryptPush(@m PrivateKey privateKey, @l String securedKey, @l String securedData) {
        L.p(securedKey, "securedKey");
        L.p(securedData, "securedData");
        Log log = new Log("[IND]SecretDataUtils#decryptPush");
        try {
            byte[] decryptPushRSA = decryptPushRSA(privateKey, securedKey);
            if (decryptPushRSA == null) {
                return null;
            }
            byte[] decode = Base64.decode(securedData, 0);
            L.o(decode, "decode(securedData, Base64.DEFAULT)");
            byte[] decryptAES = decryptAES(decryptPushRSA, decode);
            if (decryptAES != null) {
                return new String(decryptAES, C3234f.f22686b);
            }
            return null;
        } catch (Exception e10) {
            log.e("decryptPush:  " + e10.getLocalizedMessage()).e(e10.getStackTrace().toString()).writeLog();
            return null;
        }
    }

    @m
    public final KeyExchange getDeviceSecuredKeys(@m KeyPair keyPair, @l String publicKeyServerString) {
        byte[] encoded;
        L.p(publicKeyServerString, "publicKeyServerString");
        Log log = new Log("[IND]SecretDataUtils#getDeviceSecuredKeys");
        try {
            String cleanKey = cleanKey(publicKeyServerString);
            PublicKey publicKey = keyPair != null ? keyPair.getPublic() : null;
            if (keyPair != null) {
                keyPair.getPrivate();
            }
            byte[] decode = Base64.decode(getRandomString(32), 0);
            this.keyByteArray = decode;
            if (decode == null) {
                return null;
            }
            byte[] encryptAES = (publicKey == null || (encoded = publicKey.getEncoded()) == null) ? null : encryptAES(decode, encoded);
            String encodeToString = encryptAES != null ? Base64.encodeToString(encryptAES, 0) : null;
            byte[] decode2 = Base64.decode(cleanKey, 0);
            L.o(decode2, "decode(publicKeyServerCleanString, Base64.DEFAULT)");
            byte[] encryptRSA = encryptRSA(decode2, decode);
            String encodeToString2 = encryptRSA != null ? Base64.encodeToString(encryptRSA, 0) : null;
            if (encodeToString != null && encodeToString.length() != 0 && encodeToString2 != null && encodeToString2.length() != 0) {
                return new KeyExchange(encodeToString, encodeToString2);
            }
            return null;
        } catch (Exception e10) {
            log.e("exception getDeviceSecuredKeys: " + e10.getLocalizedMessage()).e(e10.getStackTrace().toString()).writeLog();
            return null;
        }
    }

    @m
    public final KeyPair getKeyPair(@l Context context) {
        L.p(context, "context");
        Log log = new Log("[IND]SecretDataUtils#getKeyPair", context);
        try {
            KeyStore keyStore = KeyStore.getInstance(this.ANDROID_KEYSTORE);
            if (keyStore != null) {
                log.d("generateKey path");
                keyStore.load(null, null);
                Key key = keyStore.getKey(this.KEYALIAS, null);
                Certificate certificate = keyStore.getCertificate(this.KEYALIAS);
                PublicKey publicKey = certificate != null ? certificate.getPublicKey() : null;
                if ((key instanceof PrivateKey) && publicKey != null) {
                    return new KeyPair(publicKey, (PrivateKey) key);
                }
            }
        } catch (Exception e10) {
            log.w("KeyPair path:").w(e10.getLocalizedMessage()).d(e10.getStackTrace().toString()).writeLog();
        }
        try {
            if (CorePreferenceUtils.getPrivateKey(context) != null && CorePreferenceUtils.getPublicKey(context) != null) {
                log.d("SharedPreferences path");
                return new KeyPair(KeyFactory.getInstance(this.ALGORITHM_RSA).generatePublic(new X509EncodedKeySpec(Base64.decode(CorePreferenceUtils.getPublicKey(context), 0))), KeyFactory.getInstance(this.ALGORITHM_RSA).generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(CorePreferenceUtils.getPrivateKey(context), 0))));
            }
        } catch (Exception e11) {
            log.w("SharedPreferences path:").w(e11.getLocalizedMessage()).d(e11.getStackTrace().toString()).writeLog();
        }
        try {
            log.d("generateKey path");
            return generateKeys(context);
        } catch (Exception e12) {
            log.w("generateKey path:").w(e12.getLocalizedMessage()).d(e12.getStackTrace().toString()).writeLog();
            return null;
        }
    }

    @m
    public final PrivateKey getPrivateKey(@l Context context) {
        L.p(context, "context");
        KeyPair keyPair = getKeyPair(context);
        if (keyPair != null) {
            return keyPair.getPrivate();
        }
        return null;
    }

    @m
    public final PublicKey getPublicKey(@l Context context) {
        L.p(context, "context");
        KeyPair keyPair = getKeyPair(context);
        if (keyPair != null) {
            return keyPair.getPublic();
        }
        return null;
    }
}
