package c.a.d.d.o0;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.List;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Lazy;
import kotlin.LazyKt__LazyJVMKt;
import n0.h.c.p;
import n0.h.c.r;
import n0.m.w;

/* loaded from: classes4.dex */
public final class b implements d {
    public final Context a;
    public final Lazy b;

    /* renamed from: c, reason: collision with root package name */
    public final Lazy f7790c;

    /* loaded from: classes4.dex */
    public static final class a extends r implements n0.h.b.a<KeyStore> {
        public static final a a = new a();

        public a() {
            super(0);
        }

        @Override // n0.h.b.a
        public KeyStore invoke() {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        }
    }

    /* renamed from: c.a.d.d.o0.b$b, reason: collision with other inner class name */
    /* loaded from: classes4.dex */
    public static final class C1189b extends r implements n0.h.b.a<c.a.d.d.n0.b> {
        public C1189b() {
            super(0);
        }

        @Override // n0.h.b.a
        public c.a.d.d.n0.b invoke() {
            return new c.a.d.d.n0.b(b.this.a);
        }
    }

    public b(Context context) {
        p.e(context, "context");
        this.a = context;
        this.b = LazyKt__LazyJVMKt.lazy(a.a);
        this.f7790c = LazyKt__LazyJVMKt.lazy(new C1189b());
        if (!c().containsAlias("com.linecorp.linepay.security.AesCipherWorkAround")) {
            d().b("SECURE_PREFERENCE_ENCRYPTED_AES_KEY", null);
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 99);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("com.linecorp.linepay.security.AesCipherWorkAround").setSubject(new X500Principal("CN=com.linecorp.linepay.security.AesCipherWorkAround")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            p.d(build, "KeyPairGeneratorSpecBuilder(context)\n            .setAlias(KEY_STORE_ALIAS)\n            .setSubject(X500Principal(\"CN=$KEY_STORE_ALIAS\"))\n            .setSerialNumber(BigInteger.TEN)\n            .setStartDate(start.time)\n            .setEndDate(end.time)\n            .build()");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        }
        if (((String) d().a("SECURE_PREFERENCE_ENCRYPTED_AES_KEY", null, String.class)) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            KeyStore.Entry entry = c().getEntry("com.linecorp.linepay.security.AesCipherWorkAround", null);
            Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(3, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
            byte[] wrap = cipher.wrap(secretKeySpec);
            p.d(wrap, "getInstance(RSA_MODE).apply {\n            init(Cipher.WRAP_MODE, privateKeyEntry.certificate.publicKey)\n        }.run {\n            wrap(secretKey)\n        }");
            d().b("SECURE_PREFERENCE_ENCRYPTED_AES_KEY", Base64.encodeToString(wrap, 0));
        }
    }

    @Override // c.a.d.d.o0.d
    public String a(String str) throws c.a.d.d.o0.e.c {
        p.e(str, "plainText");
        byte[] bArr = new byte[12];
        new SecureRandom().nextBytes(bArr);
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, e(), new GCMParameterSpec(128, bArr));
            byte[] bytes = str.getBytes(n0.m.a.a);
            p.d(bytes, "(this as java.lang.String).getBytes(charset)");
            byte[] doFinal = cipher.doFinal(bytes);
            p.d(doFinal, "encodedBytes");
            p.e(this, "this");
            p.e(doFinal, "receiver");
            String encodeToString = Base64.encodeToString(doFinal, 2);
            p.d(encodeToString, "encodeToString(this, Base64.NO_WRAP)");
            p.e(this, "this");
            p.e(bArr, "receiver");
            String encodeToString2 = Base64.encodeToString(bArr, 2);
            p.d(encodeToString2, "encodeToString(this, Base64.NO_WRAP)");
            return new c(encodeToString, encodeToString2).toString();
        } catch (Exception e) {
            throw new c.a.d.d.o0.e.c("Failed to encrypt!", e);
        }
    }

    @Override // c.a.d.d.o0.d
    public String b(String str) throws c.a.d.d.o0.e.b {
        p.e(str, "encryptedEncodedText");
        p.e(str, "encryptedData");
        List h0 = w.h0(str, new String[]{";"}, false, 0, 6);
        if (!(h0.size() == 2)) {
            h0 = null;
        }
        c cVar = h0 != null ? new c((String) h0.get(0), (String) h0.get(1)) : null;
        if (cVar == null) {
            throw new IllegalArgumentException(c.e.b.a.a.L("Failed to split encrypted text `", str, '`'));
        }
        String str2 = cVar.a;
        String str3 = cVar.b;
        p.e(this, "this");
        p.e(str2, "receiver");
        byte[] decode = Base64.decode(str2, 2);
        p.d(decode, "decode(this, Base64.NO_WRAP)");
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            Key e = e();
            p.e(this, "this");
            p.e(str3, "receiver");
            byte[] decode2 = Base64.decode(str3, 2);
            p.d(decode2, "decode(this, Base64.NO_WRAP)");
            cipher.init(2, e, new GCMParameterSpec(128, decode2));
            byte[] doFinal = cipher.doFinal(decode);
            p.d(doFinal, "decryptedBytes");
            return new String(doFinal, n0.m.a.a);
        } catch (Exception e2) {
            throw new c.a.d.d.o0.e.c("Failed to decrypt!", e2);
        }
    }

    public final KeyStore c() {
        Object value = this.b.getValue();
        p.d(value, "<get-keyStore>(...)");
        return (KeyStore) value;
    }

    public final c.a.d.d.n0.b d() {
        return (c.a.d.d.n0.b) this.f7790c.getValue();
    }

    public final Key e() throws Exception {
        String str = (String) d().a("SECURE_PREFERENCE_ENCRYPTED_AES_KEY", null, String.class);
        if (str == null) {
            throw new IllegalStateException("No key for aes encryption found!");
        }
        byte[] decode = Base64.decode(str, 0);
        p.d(decode, "decode(storedAesKey, Base64.DEFAULT)");
        KeyStore.Entry entry = c().getEntry("com.linecorp.linepay.security.AesCipherWorkAround", null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(4, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        Key unwrap = cipher.unwrap(decode, "AES", 3);
        p.d(unwrap, "getInstance(RSA_MODE).apply {\n            init(Cipher.UNWRAP_MODE, privateKeyEntry.privateKey)\n        }.run {\n            unwrap(encrypted, KEY_ALGORITHM_AES, Cipher.SECRET_KEY)\n        }");
        return unwrap;
    }
}
