package com.habitrpg.android.habitica.helpers;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.google.android.gms.stats.CodePackage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import javax.security.cert.CertificateException;
import kotlin.d.b.g;
import kotlin.d.b.j;
import kotlin.i.d;
import kotlin.io.a;

/* compiled from: Keyhelper.kt */
/* loaded from: classes.dex */
public final class KeyHelper {
    private static final String AES_MODE_M = "AES/GCM/NoPadding";
    private static final String AndroidKeyStore = "AndroidKeyStore";
    public static final Companion Companion = new Companion(null);
    public static final String ENCRYPTED_KEY = "ENCRYPTED_KEY";
    private static final String KEY_ALIAS = "KEY";
    public static final String PUBLIC_IV = "PUBLIC_IV";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static KeyHelper keyHelper;
    private KeyStore keyStore;
    private SharedPreferences sharedPreferences;

    /* compiled from: Keyhelper.kt */
    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(g gVar) {
            this();
        }

        public final KeyHelper getInstance(Context context, SharedPreferences sharedPreferences, KeyStore keyStore) {
            j.b(context, "ctx");
            j.b(sharedPreferences, "sharedPreferences");
            j.b(keyStore, "keyStore");
            if (KeyHelper.keyHelper == null) {
                try {
                    KeyHelper.keyHelper = new KeyHelper(context, sharedPreferences, keyStore);
                } catch (IOException e) {
                    e.printStackTrace();
                } catch (InvalidAlgorithmParameterException e2) {
                    e2.printStackTrace();
                } catch (KeyStoreException e3) {
                    e3.printStackTrace();
                } catch (NoSuchAlgorithmException e4) {
                    e4.printStackTrace();
                } catch (NoSuchProviderException e5) {
                    e5.printStackTrace();
                } catch (NoSuchPaddingException e6) {
                    e6.printStackTrace();
                } catch (CertificateException e7) {
                    e7.printStackTrace();
                }
            }
            return KeyHelper.keyHelper;
        }
    }

    public KeyHelper(Context context, SharedPreferences sharedPreferences, KeyStore keyStore) throws NoSuchPaddingException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, CertificateException, IOException {
        j.b(context, "ctx");
        j.b(sharedPreferences, "sharedPreferences");
        j.b(keyStore, "keyStore");
        this.sharedPreferences = sharedPreferences;
        this.keyStore = keyStore;
        if (Build.VERSION.SDK_INT >= 23) {
            generateEncryptKey(context);
        }
        if (Build.VERSION.SDK_INT < 23) {
            try {
                generateAESKey();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    private final void generateAESKey() throws Exception {
        if (this.sharedPreferences.getString(ENCRYPTED_KEY, null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(rsaEncrypt(bArr), 0);
            SharedPreferences.Editor edit = this.sharedPreferences.edit();
            j.a((Object) edit, "editor");
            edit.putString(ENCRYPTED_KEY, encodeToString);
            edit.apply();
        }
    }

    private final void generateEncryptKey(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, CertificateException, IOException {
        this.keyStore.load(null);
        if (Build.VERSION.SDK_INT >= 23) {
            if (this.keyStore.containsAlias(KEY_ALIAS)) {
                return;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", AndroidKeyStore);
            keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_ALIAS, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
            keyGenerator.generateKey();
            return;
        }
        if (this.keyStore.containsAlias(KEY_ALIAS)) {
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias(KEY_ALIAS).setSubject(new X500Principal("CN=KEY")).setSerialNumber(BigInteger.TEN);
        j.a((Object) calendar, "start");
        KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
        j.a((Object) calendar2, "end");
        KeyPairGeneratorSpec build = startDate.setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", AndroidKeyStore);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private final Key getAesKeyFromKS() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
        Key key = this.keyStore.getKey(KEY_ALIAS, null);
        if (!(key instanceof SecretKey)) {
            key = null;
        }
        return (SecretKey) key;
    }

    private final String getRandomIV() {
        String string = this.sharedPreferences.getString(PUBLIC_IV, null);
        if (string == null) {
            string = Base64.encodeToString(new SecureRandom().generateSeed(12), 0);
            SharedPreferences.Editor edit = this.sharedPreferences.edit();
            j.a((Object) edit, "editor");
            edit.putString(PUBLIC_IV, string);
            edit.apply();
        }
        j.a((Object) string, "publicIV");
        return string;
    }

    private final Key getSecretKey() throws Exception {
        byte[] decode = Base64.decode(this.sharedPreferences.getString(ENCRYPTED_KEY, null), 0);
        j.a((Object) decode, "encryptedKey");
        return new SecretKeySpec(rsaDecrypt(decode), "AES");
    }

    private final byte[] rsaDecrypt(byte[] bArr) throws Exception {
        KeyStore.Entry entry = this.keyStore.getEntry(KEY_ALIAS, null);
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            entry = null;
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        Cipher cipher = Cipher.getInstance(RSA_MODE, "AndroidOpenSSL");
        cipher.init(2, privateKeyEntry != null ? privateKeyEntry.getPrivateKey() : null);
        return a.a(new CipherInputStream(new ByteArrayInputStream(bArr), cipher));
    }

    private final byte[] rsaEncrypt(byte[] bArr) throws Exception {
        Certificate certificate;
        PublicKey publicKey = null;
        KeyStore.Entry entry = this.keyStore.getEntry(KEY_ALIAS, null);
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            entry = null;
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        Cipher cipher = Cipher.getInstance(RSA_MODE, "AndroidOpenSSL");
        if (privateKeyEntry != null && (certificate = privateKeyEntry.getCertificate()) != null) {
            publicKey = certificate.getPublicKey();
        }
        cipher.init(1, publicKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        j.a((Object) byteArray, "outputStream.toByteArray()");
        return byteArray;
    }

    public final String decrypt(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
        Cipher cipher;
        j.b(str, "encrypted");
        String randomIV = getRandomIV();
        if (Build.VERSION.SDK_INT >= 23) {
            cipher = Cipher.getInstance(AES_MODE_M);
            j.a((Object) cipher, "Cipher.getInstance(AES_MODE_M)");
            try {
                cipher.init(2, getAesKeyFromKS(), new GCMParameterSpec(128, Base64.decode(randomIV, 0)));
            } catch (Exception e) {
                e.printStackTrace();
            }
        } else {
            cipher = Cipher.getInstance(AES_MODE_M);
            j.a((Object) cipher, "Cipher.getInstance(AES_MODE_M)");
            try {
                cipher.init(2, getSecretKey(), new GCMParameterSpec(128, Base64.decode(randomIV, 0)));
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }
        try {
            Charset forName = Charset.forName("UTF-8");
            j.a((Object) forName, "Charset.forName(charsetName)");
            byte[] bytes = str.getBytes(forName);
            j.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
            byte[] doFinal = cipher.doFinal(Base64.decode(bytes, 0));
            j.a((Object) doFinal, "decryptedVal");
            return new String(doFinal, d.f2918a);
        } catch (IllegalArgumentException | GeneralSecurityException unused) {
            return null;
        }
    }

    public final String encrypt(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
        Cipher cipher;
        j.b(str, "input");
        String randomIV = getRandomIV();
        if (Build.VERSION.SDK_INT >= 23) {
            cipher = Cipher.getInstance(AES_MODE_M);
            j.a((Object) cipher, "Cipher.getInstance(AES_MODE_M)");
            try {
                cipher.init(1, getAesKeyFromKS(), new GCMParameterSpec(128, Base64.decode(randomIV, 0)));
            } catch (Exception e) {
                e.printStackTrace();
            }
        } else {
            cipher = Cipher.getInstance(AES_MODE_M);
            j.a((Object) cipher, "Cipher.getInstance(AES_MODE_M)");
            try {
                cipher.init(1, getSecretKey(), new GCMParameterSpec(128, Base64.decode(randomIV, 0)));
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }
        Charset forName = Charset.forName("UTF-8");
        j.a((Object) forName, "Charset.forName(charsetName)");
        byte[] bytes = str.getBytes(forName);
        j.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        j.a((Object) encodeToString, "Base64.encodeToString(en…dedBytes, Base64.DEFAULT)");
        return encodeToString;
    }

    public final KeyStore getKeyStore() {
        return this.keyStore;
    }

    public final SharedPreferences getSharedPreferences() {
        return this.sharedPreferences;
    }

    public final void setKeyStore(KeyStore keyStore) {
        j.b(keyStore, "<set-?>");
        this.keyStore = keyStore;
    }

    public final void setSharedPreferences(SharedPreferences sharedPreferences) {
        j.b(sharedPreferences, "<set-?>");
        this.sharedPreferences = sharedPreferences;
    }
}
