package com.criotive.cm.utils;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes.dex */
public class EncryptionTools {
    private static final String AES = "AES";
    private static final String AES_CIPHER_VERSION = "AES/GCM/NoPadding";
    private static final int AES_KEY_SIZE = 128;
    private static final int AES_TAG_SIZE = 128;
    private static final String ALIAS = "Criotive";
    private static final String KEY_STORE_NAME = "AndroidKeyStore";
    private static final String MGF_NAME = "MGF1";
    private static final int RSA_KEY_SIZE = 2048;
    private static final String RSA_VERSION = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    private static final String STRING_CHARSET = "UTF-8";
    private static final String TAG = "EncryptionTools";

    @Nullable
    public static String decryptAES(@Nullable Key key, @Nullable byte[] bArr, @Nullable String str) {
        if (key == null || bArr == null || str == null) {
            return null;
        }
        try {
            Cipher aESCipher = getAESCipher(2, key, bArr);
            if (aESCipher != null) {
                return new String(aESCipher.doFinal(Base64.decode(str, 0)), "UTF-8");
            }
            return null;
        } catch (IOException | GeneralSecurityException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @Nullable
    public static SecretKeySpec decryptAESKey(@NonNull Context context, @Nullable String str) {
        byte[] decryptRSA;
        if (str == null || (decryptRSA = decryptRSA(context, Base64.decode(str, 0))) == null) {
            return null;
        }
        return new SecretKeySpec(decryptRSA, "AES");
    }

    @Nullable
    public static String decryptRSA(@NonNull Context context, @Nullable String str) {
        byte[] decryptRSA;
        if (str == null || (decryptRSA = decryptRSA(context, Base64.decode(str, 0))) == null) {
            return null;
        }
        try {
            return new String(decryptRSA, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @Nullable
    public static byte[] decryptRSA(@NonNull Context context, @NonNull byte[] bArr) {
        PrivateKey privateKey = getPrivateKey(context);
        if (privateKey == null) {
            return null;
        }
        try {
            OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", MGF_NAME, new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT);
            Cipher cipher = Cipher.getInstance(RSA_VERSION);
            cipher.init(2, privateKey, oAEPParameterSpec);
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @Nullable
    public static String encryptAES(@NonNull Key key, @NonNull byte[] bArr, @NonNull String str) {
        try {
            Cipher aESCipher = getAESCipher(1, key, bArr);
            if (aESCipher != null) {
                return Base64.encodeToString(aESCipher.doFinal(str.getBytes()), 0);
            }
            return null;
        } catch (GeneralSecurityException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @Nullable
    public static String encryptAESKey(@NonNull Context context, @NonNull Key key) {
        return encryptRSA(context, key.getEncoded());
    }

    @Nullable
    public static String encryptRSA(@NonNull Context context, @NonNull String str) {
        try {
            return encryptRSA(context, str.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @Nullable
    public static String encryptRSA(@NonNull Context context, @NonNull byte[] bArr) {
        if (bArr.length > 245) {
            Log.e(TAG, "Can't encrypt more bytes than the RSA key, use AES instead");
            return null;
        }
        PublicKey publicKey = getPublicKey(context);
        if (publicKey == null) {
            return null;
        }
        try {
            OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", MGF_NAME, new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT);
            Cipher cipher = Cipher.getInstance(RSA_VERSION);
            cipher.init(1, publicKey, oAEPParameterSpec);
            return Base64.encodeToString(cipher.doFinal(bArr), 0);
        } catch (GeneralSecurityException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @NonNull
    public static byte[] generateAESInitializationVector() {
        byte[] bArr = new byte[12];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    @Nullable
    public static SecretKey generateAESKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(128);
            return keyGenerator.generateKey();
        } catch (NoSuchAlgorithmException unused) {
            Log.e(TAG, "No such algorithm");
            return null;
        }
    }

    @Nullable
    public static Cipher getAESCipher(int i, @Nullable Key key, @Nullable byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance(AES_CIPHER_VERSION);
            cipher.init(i, key, new GCMParameterSpec(128, bArr));
            return cipher;
        } catch (GeneralSecurityException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @Nullable
    private static PrivateKey getPrivateKey(@NonNull Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_NAME);
            keyStore.load(null);
            if (!keyStore.containsAlias(ALIAS)) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEY_STORE_NAME);
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(ALIAS, 2).setDigests("SHA-256", MessageDigestAlgorithms.SHA_512).setEncryptionPaddings("OAEPPadding").build());
                keyPairGenerator.generateKeyPair();
            }
            return (PrivateKey) keyStore.getKey(ALIAS, null);
        } catch (Exception e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }

    @Nullable
    private static PublicKey getPublicKey(@NonNull Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_NAME);
            keyStore.load(null);
            if (!keyStore.containsAlias(ALIAS)) {
                getPrivateKey(context);
            }
            return keyStore.getCertificate(ALIAS).getPublicKey();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.e(TAG, String.valueOf(e));
            return null;
        }
    }
}
