package com.haohaohu.cachemanage.util;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class KeyStoreHelper {
    public static final String TAG = "KeyStoreHelper";

    /* loaded from: classes2.dex */
    public interface SecurityConstants {
        public static final String BLOCKING_MODE = "NONE";
        public static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
        public static final String PADDING_TYPE = "PKCS1Padding";
        public static final String SIGNATURE_SHA256withRSA = "SHA256withRSA";
        public static final String SIGNATURE_SHA512withRSA = "SHA512withRSA";
        public static final String TYPE_RSA = "RSA";
    }

    public static void createKeys(Context context, String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        if (isSigningKey(str)) {
            return;
        }
        if (Build.VERSION.SDK_INT >= 23) {
            createKeysM(str, false);
        } else if (Build.VERSION.SDK_INT >= 18) {
            createKeysJBMR2(context, str);
        }
    }

    static void createKeysJBMR2(Context context, String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.valueOf(Math.abs(str.hashCode()))).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConstants.TYPE_RSA, SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    static void createKeysM(String str, boolean z) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConstants.TYPE_RSA, SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4)).setBlockModes("CBC").setEncryptionPaddings(SecurityConstants.PADDING_TYPE).setDigests("SHA-256", "SHA-384", "SHA-512").setUserAuthenticationRequired(z).build());
            keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new RuntimeException(e);
        }
    }

    public static String decrypt(String str, String str2) {
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = getPrivateKeyEntry(str);
            if (privateKeyEntry == null) {
                return "";
            }
            PrivateKey privateKey = privateKeyEntry.getPrivateKey();
            Cipher cipher = getCipher();
            cipher.init(2, privateKey);
            return new String(cipher.doFinal(Base64.decode(str2, 2)));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String encrypt(String str, String str2) {
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = getPrivateKeyEntry(str);
            if (privateKeyEntry == null) {
                return "";
            }
            PublicKey publicKey = privateKeyEntry.getCertificate().getPublicKey();
            Cipher cipher = getCipher();
            cipher.init(1, publicKey);
            return Base64.encodeToString(cipher.doFinal(str2.getBytes()), 2);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static Cipher getCipher() throws NoSuchPaddingException, NoSuchAlgorithmException {
        return Cipher.getInstance(String.format("%s/%s/%s", SecurityConstants.TYPE_RSA, SecurityConstants.BLOCKING_MODE, SecurityConstants.PADDING_TYPE));
    }

    private static KeyStore.PrivateKeyEntry getPrivateKeyEntry(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(str, null);
            if (entry != null && (entry instanceof KeyStore.PrivateKeyEntry)) {
                return (KeyStore.PrivateKeyEntry) entry;
            }
            return null;
        } catch (Exception unused) {
            return null;
        }
    }

    public static String getSigningKey(String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        Certificate certificate;
        if (Build.VERSION.SDK_INT < 18 || (privateKeyEntry = getPrivateKeyEntry(str)) == null || (certificate = privateKeyEntry.getCertificate()) == null) {
            return null;
        }
        try {
            return Base64.encodeToString(certificate.getEncoded(), 2);
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static boolean isSigningKey(String str) {
        if (Build.VERSION.SDK_INT >= 18) {
            try {
                KeyStore keyStore = KeyStore.getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                keyStore.load(null);
                return keyStore.containsAlias(str);
            } catch (Exception unused) {
            }
        }
        return false;
    }
}
