package gov.vghtpe.util;

import android.app.Application;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import k9.j;
import okhttp3.HttpUrl;

/* loaded from: classes2.dex */
public class KeyHelper {
    public static final String AES_MODE = "AES/ECB/PKCS7Padding";
    public static final String KEYSTORE_ALIAS = "tw.com.bicom.VGHTPE.RsaKeyStore";
    public static final String KEYSTORE_PROVIDER = "AndroidKeyStore";
    public static final String KEYSTORE_SECRETKEY = "tw.com.bicom.VGHTPE.SecretKey";
    public static final String KEYSTORE_SIGN_ALIAS = "tw.com.bicom.VGHTPE.RsaSignKeyStore";
    public static final String RSA_MODE = "RSA/ECB/PKCS1Padding";

    public static void createKeyPair(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
            keyStore.load(null);
            if (keyStore.containsAlias(KEYSTORE_ALIAS)) {
                return;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(KEYSTORE_ALIAS, 15).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").setKeySize(2048).build());
            keyPairGenerator.generateKeyPair();
        } catch (IOException e10) {
            e10.printStackTrace();
        } catch (InvalidAlgorithmParameterException e11) {
            e11.printStackTrace();
        } catch (KeyStoreException e12) {
            e12.printStackTrace();
        } catch (NoSuchAlgorithmException e13) {
            e13.printStackTrace();
        } catch (NoSuchProviderException e14) {
            e14.printStackTrace();
        } catch (CertificateException e15) {
            e15.printStackTrace();
        }
    }

    public static byte[] decrypt(Context context, byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance(AES_MODE);
            cipher.init(2, getSecretKey(context));
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e10) {
            e10.printStackTrace();
            return null;
        }
    }

    public static byte[] decryptBase64(Context context, String str) {
        return decrypt(context, Base64.decode(str.replaceAll("\r", HttpUrl.FRAGMENT_ENCODE_SET).replaceAll("\n", HttpUrl.FRAGMENT_ENCODE_SET), 0));
    }

    public static byte[] encrypt(Context context, byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance(AES_MODE);
            cipher.init(1, getSecretKey(context));
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e10) {
            e10.printStackTrace();
            return null;
        }
    }

    public static String encryptBase64(Context context, byte[] bArr) {
        String replaceAll = Base64.encodeToString(encrypt(context, bArr), 0).replaceAll("\r", HttpUrl.FRAGMENT_ENCODE_SET).replaceAll("\n", HttpUrl.FRAGMENT_ENCODE_SET);
        return replaceAll == null ? HttpUrl.FRAGMENT_ENCODE_SET : replaceAll;
    }

    public static Key getSecretKey(Context context) {
        SharedPreferences sharedPreferences = context.getSharedPreferences(KEYSTORE_PROVIDER, 0);
        String string = sharedPreferences.getString(KEYSTORE_SECRETKEY, null);
        if (string == null || string.length() <= 0) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            string = Base64.encodeToString(rsaEncrypt(context, bArr), 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString(KEYSTORE_SECRETKEY, string);
            edit.commit();
        }
        return new SecretKeySpec(rsaDecrypt(context, Base64.decode(string, 0)), "AES");
    }

    public static Key getSecretKeyByAES(Context context) {
        SharedPreferences sharedPreferences = context.getSharedPreferences(KEYSTORE_PROVIDER, 0);
        String string = sharedPreferences.getString(KEYSTORE_SECRETKEY, null);
        if (string == null || string.length() <= 0) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            string = Base64.encodeToString(bArr, 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString(KEYSTORE_SECRETKEY, string);
            edit.commit();
        }
        return new SecretKeySpec(Base64.decode(string, 0), "AES");
    }

    public static KeyStore getSignKeyStore(Context context) {
        KeyStore keyStore = null;
        try {
            KeyStore keyStore2 = KeyStore.getInstance(KEYSTORE_PROVIDER);
            try {
                keyStore2.load(null);
                if (!keyStore2.containsAlias(KEYSTORE_SIGN_ALIAS)) {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER);
                    keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(KEYSTORE_SIGN_ALIAS, 15).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").setKeySize(2048).build());
                    keyPairGenerator.generateKeyPair();
                    keyStore2 = KeyStore.getInstance(KEYSTORE_PROVIDER);
                    keyStore2.load(null);
                }
                if (keyStore2.getEntry(KEYSTORE_SIGN_ALIAS, null) instanceof KeyStore.PrivateKeyEntry) {
                    return keyStore2;
                }
                return null;
            } catch (IOException e10) {
                e = e10;
                keyStore = keyStore2;
                e.printStackTrace();
                return keyStore;
            } catch (InvalidAlgorithmParameterException e11) {
                e = e11;
                keyStore = keyStore2;
                e.printStackTrace();
                return keyStore;
            } catch (KeyStoreException e12) {
                e = e12;
                keyStore = keyStore2;
                e.printStackTrace();
                return keyStore;
            } catch (NoSuchAlgorithmException e13) {
                e = e13;
                keyStore = keyStore2;
                e.printStackTrace();
                return keyStore;
            } catch (NoSuchProviderException e14) {
                e = e14;
                keyStore = keyStore2;
                e.printStackTrace();
                return keyStore;
            } catch (UnrecoverableEntryException e15) {
                e = e15;
                keyStore = keyStore2;
                e.printStackTrace();
                return keyStore;
            } catch (CertificateException e16) {
                e = e16;
                keyStore = keyStore2;
                e.printStackTrace();
                return keyStore;
            }
        } catch (IOException e17) {
            e = e17;
        } catch (InvalidAlgorithmParameterException e18) {
            e = e18;
        } catch (KeyStoreException e19) {
            e = e19;
        } catch (NoSuchAlgorithmException e20) {
            e = e20;
        } catch (NoSuchProviderException e21) {
            e = e21;
        } catch (UnrecoverableEntryException e22) {
            e = e22;
        } catch (CertificateException e23) {
            e = e23;
        }
    }

    public static String getTcbMacCode(String str, String str2, String str3) {
        String str4 = HttpUrl.FRAGMENT_ENCODE_SET;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            Charset charset = StandardCharsets.UTF_8;
            messageDigest.update(str.getBytes(charset));
            byte[] digest = messageDigest.digest();
            SecretKeySpec secretKeySpec = new SecretKeySpec(j.d(str3), "AES");
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, secretKeySpec, new GCMParameterSpec(128, (str2 + str2).getBytes(charset)));
            byte[] doFinal = cipher.doFinal(digest);
            str4 = j.b(Arrays.copyOfRange(doFinal, doFinal.length + (-8), doFinal.length));
            System.out.println(str4);
            return str4;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            e10.printStackTrace();
            return str4;
        }
    }

    public static void main(String[] strArr) {
        try {
            Application application = (Application) Class.forName("android.app.ActivityThread").getMethod("currentApplication", new Class[0]).invoke(null, null);
            String encryptBase64 = encryptBase64(application, "A123456789".getBytes("UTF-8"));
            Base64.decode(encryptBase64, 0);
            byte[] encrypt = encrypt(application, "A123456789".getBytes("UTF-8"));
            decrypt(application, encrypt);
            decryptBase64(application, encryptBase64);
            new String(decrypt(application, encrypt), "UTF-8");
        } catch (Exception e10) {
            e10.printStackTrace();
        }
    }

    private static byte[] rsaDecrypt(Context context, byte[] bArr) {
        byte[] bArr2 = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
            keyStore.load(null);
            int i10 = 0;
            if (Build.VERSION.SDK_INT >= 28) {
                Cipher cipher = Cipher.getInstance(RSA_MODE);
                if (keyStore.getCertificate(KEYSTORE_ALIAS) == null) {
                    createKeyPair(context);
                    keyStore.getCertificate(KEYSTORE_ALIAS);
                }
                cipher.init(2, (PrivateKey) keyStore.getKey(KEYSTORE_ALIAS, null));
                CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
                ArrayList arrayList = new ArrayList();
                while (true) {
                    int read = cipherInputStream.read();
                    if (read == -1) {
                        break;
                    }
                    arrayList.add(Byte.valueOf((byte) read));
                }
                int size = arrayList.size();
                bArr2 = new byte[size];
                while (i10 < size) {
                    bArr2[i10] = ((Byte) arrayList.get(i10)).byteValue();
                    i10++;
                }
            } else {
                KeyStore.Entry entry = keyStore.getEntry(KEYSTORE_ALIAS, null);
                if (entry == null) {
                    createKeyPair(context);
                    entry = keyStore.getEntry(KEYSTORE_ALIAS, null);
                }
                if (entry != null && (entry instanceof KeyStore.PrivateKeyEntry)) {
                    Cipher cipher2 = Cipher.getInstance(RSA_MODE);
                    cipher2.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
                    CipherInputStream cipherInputStream2 = new CipherInputStream(new ByteArrayInputStream(bArr), cipher2);
                    ArrayList arrayList2 = new ArrayList();
                    while (true) {
                        int read2 = cipherInputStream2.read();
                        if (read2 == -1) {
                            break;
                        }
                        arrayList2.add(Byte.valueOf((byte) read2));
                    }
                    int size2 = arrayList2.size();
                    bArr2 = new byte[size2];
                    while (i10 < size2) {
                        bArr2[i10] = ((Byte) arrayList2.get(i10)).byteValue();
                        i10++;
                    }
                }
            }
        } catch (IOException e10) {
            e10.printStackTrace();
        } catch (InvalidKeyException e11) {
            e11.printStackTrace();
        } catch (KeyStoreException e12) {
            e12.printStackTrace();
        } catch (NoSuchAlgorithmException e13) {
            e13.printStackTrace();
        } catch (UnrecoverableEntryException e14) {
            e14.printStackTrace();
        } catch (CertificateException e15) {
            e15.printStackTrace();
        } catch (NoSuchPaddingException e16) {
            e16.printStackTrace();
        }
        return bArr2;
    }

    private static byte[] rsaEncrypt(Context context, byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER);
            keyStore.load(null);
            if (Build.VERSION.SDK_INT >= 28) {
                Cipher cipher = Cipher.getInstance(RSA_MODE);
                Certificate certificate = keyStore.getCertificate(KEYSTORE_ALIAS);
                if (certificate == null) {
                    createKeyPair(context);
                    certificate = keyStore.getCertificate(KEYSTORE_ALIAS);
                }
                cipher.init(1, certificate.getPublicKey());
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                cipherOutputStream.write(bArr);
                cipherOutputStream.close();
                return byteArrayOutputStream.toByteArray();
            }
            KeyStore.Entry entry = keyStore.getEntry(KEYSTORE_ALIAS, null);
            if (entry == null) {
                createKeyPair(context);
                entry = keyStore.getEntry(KEYSTORE_ALIAS, null);
            }
            if (entry == null || !(entry instanceof KeyStore.PrivateKeyEntry)) {
                return null;
            }
            Cipher cipher2 = Cipher.getInstance(RSA_MODE);
            cipher2.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream2 = new CipherOutputStream(byteArrayOutputStream2, cipher2);
            cipherOutputStream2.write(bArr);
            cipherOutputStream2.close();
            return byteArrayOutputStream2.toByteArray();
        } catch (IOException e10) {
            e10.printStackTrace();
            return null;
        } catch (InvalidKeyException e11) {
            e11.printStackTrace();
            return null;
        } catch (KeyStoreException e12) {
            e12.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e13) {
            e13.printStackTrace();
            return null;
        } catch (UnrecoverableEntryException e14) {
            e14.printStackTrace();
            return null;
        } catch (CertificateException e15) {
            e15.printStackTrace();
            return null;
        } catch (NoSuchPaddingException e16) {
            e16.printStackTrace();
            return null;
        }
    }
}
