package com.vivo.vcodeimpl.security;

import android.security.keystore.KeyProtection;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.Keep;
import androidx.annotation.RequiresApi;
import com.vivo.analytics.core.utils.h4002;
import com.vivo.vcodecommon.RuleUtil;
import com.vivo.vcodecommon.io.FileUtil;
import com.vivo.vcodecommon.logcat.LogUtil;
import com.vivo.vcodeimpl.TrackerConfigImpl;
import com.vivo.vcodeimpl.d.b.a;
import com.vivo.wallet.pay.plugin.model.SDKConstants;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: src */
@Keep
/* loaded from: classes2.dex */
public class SecUtils {
    private static final String AES_GCM_NO_PADDING = "AES/GCM/NoPadding";
    public static final String DEFAULT_ENCODED = "UTF-8";
    private static final int INIT_ERROR_RESET = 3;
    private static final int IV_LENGTH = 128;
    private static final String KEY_ALGORITHM = "AES";
    private static final int KEY_LENGTH = 256;
    private static final String RSA_ENCRYPTION_ALGORITHM = "RSA/NONE/NoPadding";
    private static String sEncodeKey;
    private static SecretKey sRandomKey;
    private static SecretKey sSecretKey;
    private static final String TAG = RuleUtil.genTag((Class<?>) SecUtils.class);
    private static final AtomicInteger mRetry = new AtomicInteger(0);
    private static final AtomicInteger mRandomRetry = new AtomicInteger(0);

    private static com.vivo.vcodeimpl.bean.b aesEncrypt(byte[] bArr, SecretKey secretKey) throws Exception {
        byte[] bArr2 = new byte[128];
        new SecureRandom().nextBytes(bArr2);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, secretKey, new GCMParameterSpec(128, bArr2));
        return new com.vivo.vcodeimpl.bean.b(cipher.doFinal(bArr), bArr2);
    }

    private static SecretKey createKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        return keyGenerator.generateKey();
    }

    private static PublicKey createRSAKey() {
        return a.a(Base64.decode(FileUtil.readAssetsFile(TrackerConfigImpl.getInstance().getContext(), "publicKey.txt"), 0));
    }

    @RequiresApi(api = 23)
    public static String decryptData(com.vivo.vcodeimpl.bean.b bVar) {
        if (sSecretKey == null) {
            initAesKey();
        }
        if (sSecretKey != null && bVar != null && bVar.a() != null && bVar.b() != null) {
            try {
                Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
                cipher.init(2, sSecretKey, new GCMParameterSpec(128, bVar.b()));
                return new String(cipher.doFinal(bVar.a()), StandardCharsets.UTF_8);
            } catch (Exception e2) {
                LogUtil.e(TAG, " decryptData error", e2);
            }
        }
        return null;
    }

    private static void decryptKey(String str) throws Exception {
        String b = a.h.b();
        if (TextUtils.isEmpty(b) || TrackerConfigImpl.getInstance().getContext() == null) {
            return;
        }
        StringBuilder c0 = i.d.a.a.a.c0("secretKey-vcode-");
        c0.append(TrackerConfigImpl.getInstance().getContext().getPackageName().toUpperCase());
        String sb = c0.toString();
        KeyStore keyStore = KeyStore.getInstance(h4002.f6121f);
        keyStore.load(null);
        SecretKey secretKey = (SecretKey) keyStore.getKey(sb, null);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, secretKey, new GCMParameterSpec(128, Base64.decode(b, 0)));
        sSecretKey = new SecretKeySpec(cipher.doFinal(Base64.decode(str, 0)), "AES/GCM/NoPadding");
    }

    @RequiresApi(api = 23)
    public static com.vivo.vcodeimpl.bean.b encryptData(String str) {
        if (sSecretKey == null) {
            initAesKey();
        }
        if (sSecretKey == null || TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            return aesEncrypt(str.getBytes(StandardCharsets.UTF_8), sSecretKey);
        } catch (Exception e2) {
            LogUtil.e(TAG, " encryptData error", e2);
            b.a("0", str, null);
            return null;
        }
    }

    public static com.vivo.vcodeimpl.bean.b encryptData(byte[] bArr, String str) {
        String str2;
        String str3;
        if (sRandomKey == null || (str3 = sEncodeKey) == null || str3.length() == 0) {
            initRandomKey();
        }
        if (sRandomKey != null && (str2 = sEncodeKey) != null && str2.length() != 0) {
            try {
                return aesEncrypt(bArr, sRandomKey);
            } catch (Exception e2) {
                com.vivo.vcodeimpl.event.quality.a.a().c(str, 0);
                String str4 = TAG;
                StringBuilder c0 = i.d.a.a.a.c0("encryptRandomData error:");
                c0.append(e2.getMessage());
                LogUtil.e(str4, c0.toString());
                b.a(SDKConstants.CashierType.CASHIER_PRE_SIGN, new String(bArr, StandardCharsets.UTF_8), null);
            }
        }
        return null;
    }

    @RequiresApi(api = 23)
    private static void encryptKey() throws Exception {
        if (sSecretKey == null) {
            LogUtil.w(TAG, " key null , not encrypt");
            return;
        }
        StringBuilder c0 = i.d.a.a.a.c0("secretKey-vcode-");
        c0.append(TrackerConfigImpl.getInstance().getContext().getPackageName().toUpperCase());
        String sb = c0.toString();
        KeyStore keyStore = KeyStore.getInstance(h4002.f6121f);
        keyStore.load(null);
        SecretKey createKey = createKey();
        keyStore.setEntry(sb, new KeyStore.SecretKeyEntry(createKey), new KeyProtection.Builder(3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build());
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, createKey);
        AlgorithmParameters parameters = cipher.getParameters();
        if (parameters == null) {
            LogUtil.w(TAG, " algorithm null , not encrypt");
            return;
        }
        byte[] iv = ((GCMParameterSpec) parameters.getParameterSpec(GCMParameterSpec.class)).getIV();
        a.h.a(Base64.encodeToString(cipher.doFinal(sSecretKey.getEncoded()), 0));
        a.h.b(Base64.encodeToString(iv, 0));
    }

    public static String getEncodeKey() {
        return sEncodeKey;
    }

    @RequiresApi(api = 23)
    private static synchronized void initAesKey() {
        synchronized (SecUtils.class) {
            if (mRetry.get() < 3) {
                try {
                    if (sSecretKey == null) {
                        String a2 = a.h.a();
                        if (!TextUtils.isEmpty(a2)) {
                            decryptKey(a2);
                            if (sSecretKey != null) {
                                return;
                            }
                        }
                        sSecretKey = createKey();
                        encryptKey();
                    }
                } catch (Exception e2) {
                    LogUtil.e(TAG, " initAesKey error", e2);
                    mRetry.incrementAndGet();
                }
            }
        }
    }

    private static synchronized void initRandomKey() {
        synchronized (SecUtils.class) {
            if (mRandomRetry.get() < 3) {
                try {
                    if (sRandomKey == null) {
                        sRandomKey = createKey();
                        sEncodeKey = Base64.encodeToString(a.a(sRandomKey.getEncoded(), createRSAKey(), RSA_ENCRYPTION_ALGORITHM), 0);
                    }
                } catch (Exception e2) {
                    LogUtil.e(TAG, " initAesKey error", e2);
                    mRandomRetry.incrementAndGet();
                }
            }
        }
    }
}
