package no.ice.app.widget.utilities;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import no.ice.app.widget.utilities.Converter;
import org.json.JSONObject;

/* compiled from: Crypto.kt */
@Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\u0018\u0000 \u00032\u00020\u0001:\u0001\u0003B\u0005¢\u0006\u0002\u0010\u0002¨\u0006\u0004"}, d2 = {"Lno/ice/app/widget/utilities/Crypto;", "", "()V", "Companion", "app_store"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes3.dex */
public final class Crypto {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);

    /* compiled from: Crypto.kt */
    @Metadata(d1 = {"\u0000B\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\f\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0006\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\"\u0010\u0003\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0006\u001a\u00020\u00072\u0006\u0010\b\u001a\u00020\tH\u0002J\u000e\u0010\n\u001a\u00020\u00042\u0006\u0010\u000b\u001a\u00020\u0004J\u001a\u0010\f\u001a\u0004\u0018\u00010\u00042\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u0005\u001a\u00020\tH\u0002J.\u0010\u000f\u001a\u0004\u0018\u00010\u00042\u0006\u0010\r\u001a\u00020\u000e2\b\u0010\u0010\u001a\u0004\u0018\u00010\u00042\b\u0010\u0011\u001a\u0004\u0018\u00010\u00042\b\u0010\u0012\u001a\u0004\u0018\u00010\u0004JJ\u0010\u0013\u001a\u00020\u00142\u0006\u0010\r\u001a\u00020\u000e2\b\u0010\u0015\u001a\u0004\u0018\u00010\u00042\b\u0010\u0016\u001a\u0004\u0018\u00010\u00042\b\u0010\u0017\u001a\u0004\u0018\u00010\u00042\b\u0010\u0018\u001a\u0004\u0018\u00010\u00042\b\u0010\u0011\u001a\u0004\u0018\u00010\u00042\b\u0010\u0012\u001a\u0004\u0018\u00010\u0004J\u0016\u0010\u0019\u001a\u00020\u00142\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u001a\u001a\u00020\u0004J.\u0010\u001b\u001a\u00020\u00142\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u001c\u001a\u00020\u00042\u0006\u0010\u001a\u001a\u00020\u00042\u0006\u0010\u001d\u001a\u00020\u00042\u0006\u0010\u001e\u001a\u00020\u0004J\b\u0010\u001f\u001a\u00020\tH\u0002J\u0010\u0010 \u001a\u00020!2\u0006\u0010\r\u001a\u00020\u000eH\u0003J\b\u0010\"\u001a\u00020\u0007H\u0002J\u0010\u0010#\u001a\u00020$2\u0006\u0010\r\u001a\u00020\u000eH\u0002J\"\u0010%\u001a\u0004\u0018\u00010\u00042\u0006\u0010&\u001a\u00020\u00042\u0006\u0010\u0006\u001a\u00020\t2\u0006\u0010\b\u001a\u00020\tH\u0002J\"\u0010'\u001a\u0004\u0018\u00010\u00042\u0006\u0010&\u001a\u00020\u00042\u0006\u0010\u0006\u001a\u00020\t2\u0006\u0010\b\u001a\u00020\tH\u0002J\u001a\u0010(\u001a\u0004\u0018\u00010\t2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010&\u001a\u00020\tH\u0002J\u001a\u0010)\u001a\u0004\u0018\u00010\t2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010&\u001a\u00020\tH\u0002¨\u0006*"}, d2 = {"Lno/ice/app/widget/utilities/Crypto$Companion;", "", "()V", "applyAES", "", "dataToEncrypt", "secretKey", "Ljavax/crypto/SecretKey;", "iv", "", "applyHash", "dataToHash", "applyRSA", "context", "Landroid/content/Context;", "decryptLastFailedRefreshToken", "encryptedLastFailedRefreshToken", "encryptedSecretKey", "encryptedIV", "decryptTokens", "Lorg/json/JSONObject;", "encryptedAccessToken", "encryptedRefreshToken", "encryptedExpiresAt", "encryptedIdToken", "encryptLastFailedRefreshToken", "refreshToken", "encryptTokens", "accessToken", "expiresAt", "idToken", "generateIV", "generateKeyPair", "", "generateSecretKey", "getKeyPair", "Ljava/security/KeyPair;", "removeAES", "dataToDecrypt", "removeAESWithoutBase64", "removeRSA", "removeRSAWithoutBase64", "app_store"}, k = 1, mv = {1, 8, 0}, xi = 48)
    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        private final String applyAES(String dataToEncrypt, SecretKey secretKey, byte[] iv) {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                cipher.init(1, secretKey, new IvParameterSpec(iv));
                byte[] encryptedData = Base64.encode(cipher.doFinal(Converter.INSTANCE.convertStringToByteArray(dataToEncrypt)), 2);
                Converter.Companion companion = Converter.INSTANCE;
                Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
                return companion.convertByteArrayToString(encryptedData);
            } catch (Exception unused) {
                return null;
            }
        }

        private final String applyRSA(Context context, byte[] dataToEncrypt) {
            try {
                PublicKey publicKey = getKeyPair(context).getPublic();
                Intrinsics.checkNotNullExpressionValue(publicKey, "keyPair.public");
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, publicKey, new SecureRandom());
                byte[] encryptedData = Base64.encode(cipher.doFinal(dataToEncrypt), 2);
                Converter.Companion companion = Converter.INSTANCE;
                Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
                return companion.convertByteArrayToString(encryptedData);
            } catch (Exception unused) {
                return null;
            }
        }

        private final byte[] generateIV() {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            return bArr;
        }

        private final synchronized void generateKeyPair(Context context) {
            KeyPairGeneratorSpec keyPairGeneratorSpec;
            KeyGenParameterSpec.Builder encryptionPaddings;
            KeyGenParameterSpec.Builder keySize;
            KeyGenParameterSpec.Builder keyValidityStart;
            KeyGenParameterSpec.Builder keyValidityEnd;
            KeyGenParameterSpec.Builder certificateSubject;
            KeyGenParameterSpec.Builder certificateSerialNumber;
            KeyGenParameterSpec build;
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                Calendar calendar = Calendar.getInstance();
                calendar.add(1, -1);
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 1000);
                if (Build.VERSION.SDK_INT >= 23) {
                    Crypto$Companion$$ExternalSyntheticApiModelOutline7.m2510m();
                    encryptionPaddings = Crypto$Companion$$ExternalSyntheticApiModelOutline7.m(Constants.ALIAS, 3).setEncryptionPaddings("PKCS1Padding");
                    keySize = encryptionPaddings.setKeySize(2048);
                    keyValidityStart = keySize.setKeyValidityStart(calendar.getTime());
                    keyValidityEnd = keyValidityStart.setKeyValidityEnd(calendar2.getTime());
                    certificateSubject = keyValidityEnd.setCertificateSubject(new X500Principal("CN=ice_gateway_widget"));
                    certificateSerialNumber = certificateSubject.setCertificateSerialNumber(BigInteger.ONE);
                    build = certificateSerialNumber.build();
                    Intrinsics.checkNotNullExpressionValue(build, "{\n                    Ke…build()\n                }");
                    keyPairGeneratorSpec = build;
                } else {
                    KeyPairGeneratorSpec build2 = new KeyPairGeneratorSpec.Builder(context).setAlias(Constants.ALIAS).setKeyType("RSA").setKeySize(2048).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).setSubject(new X500Principal("CN=ice_gateway_widget")).setSerialNumber(BigInteger.ONE).build();
                    Intrinsics.checkNotNullExpressionValue(build2, "{\n                    Ke…build()\n                }");
                    keyPairGeneratorSpec = build2;
                }
                keyPairGenerator.initialize(keyPairGeneratorSpec);
                keyPairGenerator.generateKeyPair();
            } catch (Exception unused) {
            }
        }

        private final SecretKey generateSecretKey() {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256, new SecureRandom());
            SecretKey generateKey = keyGenerator.generateKey();
            Intrinsics.checkNotNullExpressionValue(generateKey, "keyGenerator.generateKey()");
            return generateKey;
        }

        private final synchronized KeyPair getKeyPair(Context context) {
            KeyPair keyPair;
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                if (!keyStore.containsAlias(Constants.ALIAS)) {
                    generateKeyPair(context);
                }
                Key key = keyStore.getKey(Constants.ALIAS, null);
                Intrinsics.checkNotNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
                keyPair = new KeyPair(keyStore.getCertificate(Constants.ALIAS).getPublicKey(), (PrivateKey) key);
            } catch (Exception unused) {
                keyPair = new KeyPair(null, null);
            }
            return keyPair;
        }

        private final String removeAES(String dataToDecrypt, byte[] secretKey, byte[] iv) {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                cipher.init(2, new SecretKeySpec(secretKey, "AES"), new IvParameterSpec(iv));
                byte[] encryptedData = cipher.doFinal(Base64.decode(Converter.INSTANCE.convertStringToByteArray(dataToDecrypt), 2));
                Converter.Companion companion = Converter.INSTANCE;
                Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
                return companion.convertByteArrayToString(encryptedData);
            } catch (Exception unused) {
                return removeAESWithoutBase64(dataToDecrypt, secretKey, iv);
            }
        }

        private final String removeAESWithoutBase64(String dataToDecrypt, byte[] secretKey, byte[] iv) {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                cipher.init(2, new SecretKeySpec(secretKey, "AES"), new IvParameterSpec(iv));
                byte[] encryptedData = cipher.doFinal(Converter.INSTANCE.convertStringToByteArray(dataToDecrypt));
                Converter.Companion companion = Converter.INSTANCE;
                Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
                return companion.convertByteArrayToString(encryptedData);
            } catch (Exception unused) {
                return null;
            }
        }

        private final byte[] removeRSA(Context context, byte[] dataToDecrypt) {
            try {
                PrivateKey privateKey = getKeyPair(context).getPrivate();
                Intrinsics.checkNotNullExpressionValue(privateKey, "keyPair.private");
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, privateKey);
                return cipher.doFinal(Base64.decode(dataToDecrypt, 2));
            } catch (Exception unused) {
                return removeRSAWithoutBase64(context, dataToDecrypt);
            }
        }

        private final byte[] removeRSAWithoutBase64(Context context, byte[] dataToDecrypt) {
            try {
                PrivateKey privateKey = getKeyPair(context).getPrivate();
                Intrinsics.checkNotNullExpressionValue(privateKey, "keyPair.private");
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, privateKey);
                return cipher.doFinal(dataToDecrypt);
            } catch (Exception unused) {
                return null;
            }
        }

        public final String applyHash(String dataToHash) {
            Intrinsics.checkNotNullParameter(dataToHash, "dataToHash");
            StringBuilder sb = new StringBuilder(new BigInteger(1, MessageDigest.getInstance("SHA-256").digest(Converter.INSTANCE.convertStringToByteArray(dataToHash))).toString(16));
            while (sb.length() < 32) {
                sb.insert(0, "0");
            }
            String sb2 = sb.toString();
            Intrinsics.checkNotNullExpressionValue(sb2, "hexString.toString()");
            return sb2;
        }

        public final String decryptLastFailedRefreshToken(Context context, String encryptedLastFailedRefreshToken, String encryptedSecretKey, String encryptedIV) {
            Intrinsics.checkNotNullParameter(context, "context");
            if (encryptedLastFailedRefreshToken == null || encryptedSecretKey == null || encryptedIV == null) {
                return null;
            }
            byte[] removeRSA = removeRSA(context, Converter.INSTANCE.convertStringToByteArray(encryptedSecretKey));
            byte[] removeRSA2 = removeRSA(context, Converter.INSTANCE.convertStringToByteArray(encryptedIV));
            if (removeRSA == null || removeRSA2 == null) {
                return null;
            }
            return removeAES(encryptedLastFailedRefreshToken, removeRSA, removeRSA2);
        }

        public final JSONObject decryptTokens(Context context, String encryptedAccessToken, String encryptedRefreshToken, String encryptedExpiresAt, String encryptedIdToken, String encryptedSecretKey, String encryptedIV) {
            String str;
            String str2;
            String str3;
            Intrinsics.checkNotNullParameter(context, "context");
            JSONObject jSONObject = new JSONObject();
            if (encryptedAccessToken != null && encryptedRefreshToken != null && encryptedExpiresAt != null && encryptedSecretKey != null && encryptedIV != null) {
                byte[] removeRSA = removeRSA(context, Converter.INSTANCE.convertStringToByteArray(encryptedSecretKey));
                byte[] removeRSA2 = removeRSA(context, Converter.INSTANCE.convertStringToByteArray(encryptedIV));
                if (removeRSA != null && removeRSA2 != null) {
                    String removeAES = removeAES(encryptedAccessToken, removeRSA, removeRSA2);
                    str2 = removeAES(encryptedRefreshToken, removeRSA, removeRSA2);
                    str3 = removeAES(encryptedExpiresAt, removeRSA, removeRSA2);
                    str = encryptedIdToken != null ? removeAES(encryptedIdToken, removeRSA, removeRSA2) : null;
                    r1 = removeAES;
                    jSONObject.put("accessToken", r1);
                    jSONObject.put("refreshToken", str2);
                    jSONObject.put("expiresAt", str3);
                    jSONObject.put("idToken", str);
                    return jSONObject;
                }
            }
            str = null;
            str2 = null;
            str3 = null;
            jSONObject.put("accessToken", r1);
            jSONObject.put("refreshToken", str2);
            jSONObject.put("expiresAt", str3);
            jSONObject.put("idToken", str);
            return jSONObject;
        }

        public final JSONObject encryptLastFailedRefreshToken(Context context, String refreshToken) {
            Intrinsics.checkNotNullParameter(context, "context");
            Intrinsics.checkNotNullParameter(refreshToken, "refreshToken");
            SecretKey generateSecretKey = generateSecretKey();
            byte[] generateIV = generateIV();
            String applyAES = applyAES(refreshToken, generateSecretKey, generateIV);
            byte[] encoded = generateSecretKey.getEncoded();
            Intrinsics.checkNotNullExpressionValue(encoded, "secretKey.encoded");
            String applyRSA = applyRSA(context, encoded);
            String applyRSA2 = applyRSA(context, generateIV);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("encryptedLastFailedRefreshToken", applyAES);
            jSONObject.put("encryptedLastFailedRefreshSecretKey", applyRSA);
            jSONObject.put("encryptedLastFailedRefreshIV", applyRSA2);
            return jSONObject;
        }

        public final JSONObject encryptTokens(Context context, String accessToken, String refreshToken, String expiresAt, String idToken) {
            Intrinsics.checkNotNullParameter(context, "context");
            Intrinsics.checkNotNullParameter(accessToken, "accessToken");
            Intrinsics.checkNotNullParameter(refreshToken, "refreshToken");
            Intrinsics.checkNotNullParameter(expiresAt, "expiresAt");
            Intrinsics.checkNotNullParameter(idToken, "idToken");
            SecretKey generateSecretKey = generateSecretKey();
            byte[] generateIV = generateIV();
            String applyAES = applyAES(accessToken, generateSecretKey, generateIV);
            String applyAES2 = applyAES(refreshToken, generateSecretKey, generateIV);
            String applyAES3 = applyAES(expiresAt, generateSecretKey, generateIV);
            String applyAES4 = applyAES(idToken, generateSecretKey, generateIV);
            byte[] encoded = generateSecretKey.getEncoded();
            Intrinsics.checkNotNullExpressionValue(encoded, "secretKey.encoded");
            String applyRSA = applyRSA(context, encoded);
            String applyRSA2 = applyRSA(context, generateIV);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("encryptedAccessToken", applyAES);
            jSONObject.put("encryptedRefreshToken", applyAES2);
            jSONObject.put("encryptedExpiresAt", applyAES3);
            jSONObject.put("encryptedIdToken", applyAES4);
            jSONObject.put("encryptedSecretKey", applyRSA);
            jSONObject.put("encryptedIV", applyRSA2);
            return jSONObject;
        }
    }
}
