package de.epay.xe;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.StringCompanionObject;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: classes4.dex */
public final class CryptoUtils {

    @NotNull
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final int IV_LENGTH = 16;

    @NotNull
    private static final String TAG = "CryptoUtils";

    @NotNull
    public static final CryptoUtils INSTANCE = new CryptoUtils();

    @NotNull
    private static final CryptoKeyProperties api23KeyProperties = new CryptoKeyProperties("AES", "CBC", "PKCS7Padding");

    @NotNull
    private static final CryptoKeyProperties api21KeyProperties = new CryptoKeyProperties("AES", "ECB", "PKCS7Padding");

    @NotNull
    private static final CryptoKeyProperties api21RsaProperties = new CryptoKeyProperties("RSA", "ECB", "PKCS1Padding");

    /* loaded from: classes4.dex */
    public static final class CryptoKeyProperties {

        @NotNull
        private final String algorithm;

        @NotNull
        private final String blockMode;

        @NotNull
        private final String padding;

        @NotNull
        private final String transformation;

        public CryptoKeyProperties(@NotNull String algorithm, @NotNull String blockMode, @NotNull String padding) {
            Intrinsics.checkNotNullParameter(algorithm, "algorithm");
            Intrinsics.checkNotNullParameter(blockMode, "blockMode");
            Intrinsics.checkNotNullParameter(padding, "padding");
            this.algorithm = algorithm;
            this.blockMode = blockMode;
            this.padding = padding;
            StringCompanionObject stringCompanionObject = StringCompanionObject.INSTANCE;
            String format = String.format("%s/%s/%s", Arrays.copyOf(new Object[]{algorithm, blockMode, padding}, 3));
            Intrinsics.checkNotNullExpressionValue(format, "format(...)");
            this.transformation = format;
        }

        public static /* synthetic */ CryptoKeyProperties copy$default(CryptoKeyProperties cryptoKeyProperties, String str, String str2, String str3, int i2, Object obj) {
            if ((i2 & 1) != 0) {
                str = cryptoKeyProperties.algorithm;
            }
            if ((i2 & 2) != 0) {
                str2 = cryptoKeyProperties.blockMode;
            }
            if ((i2 & 4) != 0) {
                str3 = cryptoKeyProperties.padding;
            }
            return cryptoKeyProperties.copy(str, str2, str3);
        }

        @NotNull
        public final String component1() {
            return this.algorithm;
        }

        @NotNull
        public final String component2() {
            return this.blockMode;
        }

        @NotNull
        public final String component3() {
            return this.padding;
        }

        @NotNull
        public final CryptoKeyProperties copy(@NotNull String algorithm, @NotNull String blockMode, @NotNull String padding) {
            Intrinsics.checkNotNullParameter(algorithm, "algorithm");
            Intrinsics.checkNotNullParameter(blockMode, "blockMode");
            Intrinsics.checkNotNullParameter(padding, "padding");
            return new CryptoKeyProperties(algorithm, blockMode, padding);
        }

        public boolean equals(@Nullable Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof CryptoKeyProperties)) {
                return false;
            }
            CryptoKeyProperties cryptoKeyProperties = (CryptoKeyProperties) obj;
            return Intrinsics.areEqual(this.algorithm, cryptoKeyProperties.algorithm) && Intrinsics.areEqual(this.blockMode, cryptoKeyProperties.blockMode) && Intrinsics.areEqual(this.padding, cryptoKeyProperties.padding);
        }

        @NotNull
        public final String getAlgorithm() {
            return this.algorithm;
        }

        @NotNull
        public final String getBlockMode() {
            return this.blockMode;
        }

        @NotNull
        public final String getPadding() {
            return this.padding;
        }

        @NotNull
        public final String getTransformation() {
            return this.transformation;
        }

        public int hashCode() {
            return (((this.algorithm.hashCode() * 31) + this.blockMode.hashCode()) * 31) + this.padding.hashCode();
        }

        @NotNull
        public String toString() {
            return "CryptoKeyProperties(algorithm=" + this.algorithm + ", blockMode=" + this.blockMode + ", padding=" + this.padding + ')';
        }
    }

    private CryptoUtils() {
    }

    @SuppressLint({"InlinedApi"})
    private final boolean generateKey(Context context, String str, SharedPreferences sharedPreferences) {
        KeyStore keyStore = getKeyStore();
        if (keyStore == null) {
            return false;
        }
        try {
            keyStore.load(null);
            CryptoKeyProperties cryptoKeyProperties = api23KeyProperties;
            KeyGenerator keyGenerator = KeyGenerator.getInstance(cryptoKeyProperties.getAlgorithm(), ANDROID_KEYSTORE);
            keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(cryptoKeyProperties.getBlockMode()).setEncryptionPaddings(cryptoKeyProperties.getPadding()).setRandomizedEncryptionRequired(false).build());
            keyGenerator.generateKey();
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    @SuppressLint({"GetInstance"})
    private final Cipher getCipher(Context context, int i2, String str, SharedPreferences sharedPreferences) {
        try {
            Cipher cipher = Cipher.getInstance(api23KeyProperties.getTransformation());
            Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(...)");
            cipher.init(i2, getKey(context, str, sharedPreferences), new IvParameterSpec(getIV(str, sharedPreferences)));
            return cipher;
        } catch (Exception unused) {
            return null;
        }
    }

    private final Cipher getDecryptCipher(Context context, SharedPreferences sharedPreferences, String str) {
        return getCipher(context, 2, str, sharedPreferences);
    }

    private final Cipher getEncryptCipher(Context context, SharedPreferences sharedPreferences, String str) {
        return getCipher(context, 1, str, sharedPreferences);
    }

    private final byte[] getIV(String str, SharedPreferences sharedPreferences) {
        StringCompanionObject stringCompanionObject = StringCompanionObject.INSTANCE;
        String format = String.format(AuthConstants.PREFS_AUTH_IV, Arrays.copyOf(new Object[]{str}, 1));
        Intrinsics.checkNotNullExpressionValue(format, "format(...)");
        if (sharedPreferences.contains(format)) {
            byte[] decode = Base64.decode(sharedPreferences.getString(format, ""), 0);
            Intrinsics.checkNotNullExpressionValue(decode, "decode(...)");
            return decode;
        }
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        sharedPreferences.edit().putString(format, Base64.encodeToString(bArr, 0)).apply();
        return bArr;
    }

    private final SecretKey getKey(Context context, String str, SharedPreferences sharedPreferences) {
        KeyStore keyStore = getKeyStore();
        if (keyStore == null) {
            return null;
        }
        try {
            if (!keyStore.containsAlias(str) && !generateKey(context, str, sharedPreferences)) {
                return null;
            }
            Key key = keyStore.getKey(str, null);
            Intrinsics.checkNotNull(key, "null cannot be cast to non-null type javax.crypto.SecretKey");
            return (SecretKey) key;
        } catch (Exception unused) {
            return null;
        }
    }

    private final KeyStore getKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            keyStore.load(null);
            return keyStore;
        } catch (Exception unused) {
            return null;
        }
    }

    private final byte[] rsaDecrypt(String str, byte[] bArr) throws Exception {
        KeyStore keyStore = getKeyStore();
        if (keyStore == null) {
            return null;
        }
        KeyStore.Entry entry = keyStore.getEntry(str, null);
        Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(api21RsaProperties.getTransformation(), "AndroidOpenSSL");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        for (int read = cipherInputStream.read(); read != -1; read = cipherInputStream.read()) {
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i2 = 0; i2 < size; i2++) {
            Object obj = arrayList.get(i2);
            Intrinsics.checkNotNullExpressionValue(obj, "get(...)");
            bArr2[i2] = ((Number) obj).byteValue();
        }
        return bArr2;
    }

    private final byte[] rsaEncrypt(String str, byte[] bArr) throws Exception {
        KeyStore keyStore = getKeyStore();
        if (keyStore == null) {
            return null;
        }
        KeyStore.Entry entry = keyStore.getEntry(str, null);
        Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(api21RsaProperties.getTransformation(), "AndroidOpenSSL");
        cipher.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    public final boolean clearKey(@NotNull String keyName, @NotNull SharedPreferences authPreferences) {
        Intrinsics.checkNotNullParameter(keyName, "keyName");
        Intrinsics.checkNotNullParameter(authPreferences, "authPreferences");
        KeyStore keyStore = getKeyStore();
        if (keyStore == null) {
            return false;
        }
        try {
            if (!keyStore.containsAlias(keyName)) {
                return false;
            }
            keyStore.deleteEntry(keyName);
            SharedPreferences.Editor remove = authPreferences.edit().remove(AuthConstants.PREFS_AUTH_IV);
            StringCompanionObject stringCompanionObject = StringCompanionObject.INSTANCE;
            String format = String.format(AuthConstants.PREFS_ENCRYPTED_KEY, Arrays.copyOf(new Object[]{keyName}, 1));
            Intrinsics.checkNotNullExpressionValue(format, "format(...)");
            remove.remove(format).apply();
            return true;
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    @Nullable
    public final String decrypt(@NotNull Context context, @NotNull String keyName, @NotNull SharedPreferences sharedPreferences, @NotNull String encryptedData) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(keyName, "keyName");
        Intrinsics.checkNotNullParameter(sharedPreferences, "sharedPreferences");
        Intrinsics.checkNotNullParameter(encryptedData, "encryptedData");
        try {
            byte[] decode = Base64.decode(encryptedData, 0);
            Cipher decryptCipher = getDecryptCipher(context, sharedPreferences, keyName);
            if (decryptCipher == null) {
                return null;
            }
            byte[] doFinal = decryptCipher.doFinal(decode);
            Intrinsics.checkNotNull(doFinal);
            Charset US_ASCII = StandardCharsets.US_ASCII;
            Intrinsics.checkNotNullExpressionValue(US_ASCII, "US_ASCII");
            return new String(doFinal, US_ASCII);
        } catch (Exception e2) {
            StringBuilder sb = new StringBuilder();
            sb.append("Could not decrypt data: ");
            sb.append(e2.getMessage());
            return null;
        }
    }

    @Nullable
    public final String encrypt(@NotNull Context context, @NotNull String keyName, @NotNull SharedPreferences sharedPreferences, @NotNull String data) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(keyName, "keyName");
        Intrinsics.checkNotNullParameter(sharedPreferences, "sharedPreferences");
        Intrinsics.checkNotNullParameter(data, "data");
        try {
            Cipher encryptCipher = getEncryptCipher(context, sharedPreferences, keyName);
            if (encryptCipher == null) {
                return null;
            }
            Charset US_ASCII = StandardCharsets.US_ASCII;
            Intrinsics.checkNotNullExpressionValue(US_ASCII, "US_ASCII");
            byte[] bytes = data.getBytes(US_ASCII);
            Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
            return Base64.encodeToString(encryptCipher.doFinal(bytes), 0);
        } catch (Exception unused) {
            return null;
        }
    }

    public final boolean isValidKey(@NotNull Context context, @NotNull SharedPreferences authPreferences, @NotNull String keyName) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(authPreferences, "authPreferences");
        Intrinsics.checkNotNullParameter(keyName, "keyName");
        return (getKeyStore() == null || getCipher(context, 1, keyName, authPreferences) == null) ? false : true;
    }
}
