package io.mimi.sdk.core.securestore.crypter;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.Metadata;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: CrypterPreM.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000@\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u0012\n\u0002\b\u0004\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\b\b\u0000\u0018\u0000 $2\u00020\u0001:\u0001$B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0010\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0016H\u0016J\u0010\u0010\u0018\u001a\u00020\u00162\u0006\u0010\u0019\u001a\u00020\u0016H\u0016J\u0010\u0010\u001a\u001a\u00020\u001b2\u0006\u0010\u0010\u001a\u00020\u0011H\u0002J\b\u0010\u001c\u001a\u00020\u001dH\u0002J\b\u0010\u001e\u001a\u00020\u0006H\u0002J\b\u0010\u001f\u001a\u00020\u0011H\u0002J\b\u0010 \u001a\u00020\u001bH\u0016J\u0010\u0010!\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0016H\u0002J\u0010\u0010\"\u001a\u00020\u00162\u0006\u0010#\u001a\u00020\u0016H\u0002R\u001b\u0010\u0005\u001a\u00020\u00068BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\t\u0010\n\u001a\u0004\b\u0007\u0010\bR\u001b\u0010\u000b\u001a\u00020\f8BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u000f\u0010\n\u001a\u0004\b\r\u0010\u000eR\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u001b\u0010\u0010\u001a\u00020\u00118BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\u0014\u0010\n\u001a\u0004\b\u0012\u0010\u0013¨\u0006%"}, d2 = {"Lio/mimi/sdk/core/securestore/crypter/CrypterPreM;", "Lio/mimi/sdk/core/securestore/crypter/Crypter;", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", "aesEncryptedKey", "", "getAesEncryptedKey", "()Ljava/lang/String;", "aesEncryptedKey$delegate", "Lkotlin/Lazy;", "aesKeyPreferences", "Landroid/content/SharedPreferences;", "getAesKeyPreferences", "()Landroid/content/SharedPreferences;", "aesKeyPreferences$delegate", "keyStore", "Ljava/security/KeyStore;", "getKeyStore", "()Ljava/security/KeyStore;", "keyStore$delegate", "decrypt", "", "encrypted", "encrypt", "input", "generateKeys", "", "getSecretKey", "Ljava/security/Key;", "initAESEncryptedKey", "loadKeyStore", "reset", "rsaDecrypt", "rsaEncrypt", "secret", "Companion", "libcore_release"}, k = 1, mv = {1, 4, 2})
/* loaded from: classes.dex */
public final class CrypterPreM implements Crypter {
    private static final String AES_MODE = "AES/ECB/PKCS7Padding";
    private static final String ANDROID_KEY_STORE_ID = "AndroidKeyStore";
    private static final String CIPHER_TRANSFORMATION_PROVIDER = "AndroidKeyStoreBCWorkaround";
    private static final String ENCRYPTED_KEY = "KeyPreference";
    private static final String ENCRYPTED_PREFERENCES = "keys";
    private static final String KEY_ALIAS = "KEY_ALIAS_PRE_M";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";

    /* renamed from: aesEncryptedKey$delegate, reason: from kotlin metadata */
    private final Lazy aesEncryptedKey;

    /* renamed from: aesKeyPreferences$delegate, reason: from kotlin metadata */
    private final Lazy aesKeyPreferences;
    private final Context context;

    /* renamed from: keyStore$delegate, reason: from kotlin metadata */
    private final Lazy keyStore;

    public CrypterPreM(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.context = context;
        this.keyStore = LazyKt.lazy(new Function0<KeyStore>() { // from class: io.mimi.sdk.core.securestore.crypter.CrypterPreM$keyStore$2
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final KeyStore invoke() {
                KeyStore loadKeyStore;
                loadKeyStore = CrypterPreM.this.loadKeyStore();
                return loadKeyStore;
            }
        });
        this.aesKeyPreferences = LazyKt.lazy(new Function0<SharedPreferences>() { // from class: io.mimi.sdk.core.securestore.crypter.CrypterPreM$aesKeyPreferences$2
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // kotlin.jvm.functions.Function0
            public final SharedPreferences invoke() {
                Context context2;
                context2 = CrypterPreM.this.context;
                return context2.getSharedPreferences("keys", 0);
            }
        });
        this.aesEncryptedKey = LazyKt.lazy(new Function0<String>() { // from class: io.mimi.sdk.core.securestore.crypter.CrypterPreM$aesEncryptedKey$2
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final String invoke() {
                String initAESEncryptedKey;
                initAESEncryptedKey = CrypterPreM.this.initAESEncryptedKey();
                return initAESEncryptedKey;
            }
        });
    }

    private final void generateKeys(KeyStore keyStore) {
        if (keyStore.containsAlias(KEY_ALIAS)) {
            return;
        }
        Calendar start = Calendar.getInstance();
        Calendar end = Calendar.getInstance();
        end.add(1, 30);
        KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(this.context).setAlias(KEY_ALIAS).setSubject(new X500Principal("CN=KEY_ALIAS_PRE_M")).setSerialNumber(BigInteger.TEN);
        Intrinsics.checkNotNullExpressionValue(start, "start");
        KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(start.getTime());
        Intrinsics.checkNotNullExpressionValue(end, "end");
        KeyPairGeneratorSpec build = startDate.setEndDate(end.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEY_STORE_ID);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private final String getAesEncryptedKey() {
        return (String) this.aesEncryptedKey.getValue();
    }

    private final SharedPreferences getAesKeyPreferences() {
        return (SharedPreferences) this.aesKeyPreferences.getValue();
    }

    private final KeyStore getKeyStore() {
        return (KeyStore) this.keyStore.getValue();
    }

    private final Key getSecretKey() {
        byte[] encryptedKey = Base64.decode(getAesEncryptedKey(), 0);
        Intrinsics.checkNotNullExpressionValue(encryptedKey, "encryptedKey");
        return new SecretKeySpec(rsaDecrypt(encryptedKey), "AES");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final String initAESEncryptedKey() {
        String string = getAesKeyPreferences().getString(ENCRYPTED_KEY, null);
        if (string == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            string = Base64.encodeToString(rsaEncrypt(bArr), 0);
            SharedPreferences.Editor edit = getAesKeyPreferences().edit();
            edit.putString(ENCRYPTED_KEY, string);
            edit.apply();
        }
        Intrinsics.checkNotNull(string);
        return string;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final KeyStore loadKeyStore() {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_ID);
        keyStore.load(null);
        Intrinsics.checkNotNullExpressionValue(keyStore, "keyStore");
        generateKeys(keyStore);
        return keyStore;
    }

    private final byte[] rsaDecrypt(byte[] encrypted) {
        KeyStore.Entry entry = getKeyStore().getEntry(KEY_ALIAS, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(RSA_MODE, CIPHER_TRANSFORMATION_PROVIDER);
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(encrypted), cipher);
        ArrayList arrayList = new ArrayList();
        for (int read = cipherInputStream.read(); read != -1; read = cipherInputStream.read()) {
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (int i = 0; i < size; i++) {
            bArr[i] = ((Number) arrayList.get(i)).byteValue();
        }
        return bArr;
    }

    private final byte[] rsaEncrypt(byte[] secret) {
        KeyStore.Entry entry = getKeyStore().getEntry(KEY_ALIAS, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(RSA_MODE, CIPHER_TRANSFORMATION_PROVIDER);
        Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
        Intrinsics.checkNotNullExpressionValue(certificate, "privateKeyEntry.certificate");
        cipher.init(1, certificate.getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(secret);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "outputStream.toByteArray()");
        return byteArray;
    }

    @Override // io.mimi.sdk.core.securestore.crypter.Crypter
    public byte[] decrypt(byte[] encrypted) {
        Intrinsics.checkNotNullParameter(encrypted, "encrypted");
        Cipher cipher = Cipher.getInstance(AES_MODE, "BC");
        cipher.init(2, getSecretKey());
        byte[] doFinal = cipher.doFinal(encrypted);
        Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(encrypted)");
        return doFinal;
    }

    @Override // io.mimi.sdk.core.securestore.crypter.Crypter
    public byte[] encrypt(byte[] input) {
        Intrinsics.checkNotNullParameter(input, "input");
        Cipher cipher = Cipher.getInstance(AES_MODE, "BC");
        cipher.init(1, getSecretKey());
        byte[] doFinal = cipher.doFinal(input);
        Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(input)");
        return doFinal;
    }

    @Override // io.mimi.sdk.core.securestore.crypter.Crypter
    public void reset() {
        getAesKeyPreferences().edit().clear().apply();
    }
}
