package com.bilibili.commons.security;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import androidx.annotation.RequiresApi;
import com.bilibili.lib.mod.exception.ModError;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class KeyStoreUtils {
    private static final String TAG = "EncryptUtil";
    private static KeyStoreUtils encryptUtilInstance = new KeyStoreUtils();
    private Context context;
    private KeyStore keyStore;
    private final int maxExpiredTime = 1000;
    private String x500PrincipalName = "CN=bili bili, O=Android Authority";
    private int rsaEncryptBlock = ModError.ERROR_LOCAL_ORIGIN_ZIP;
    private int rsaDecryptBlock = 256;

    private KeyStoreUtils() {
    }

    @RequiresApi(api = 18)
    private void createNewKeys(String str) {
        if (TextUtils.isEmpty(str)) {
            return;
        }
        try {
            if (this.keyStore.containsAlias(str)) {
                return;
            }
            if (Build.VERSION.SDK_INT < 23) {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 1000);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(str).setSubject(new X500Principal(this.x500PrincipalName)).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            } else {
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator2.initialize(new KeyGenParameterSpec.Builder(str, 2).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").setUserAuthenticationRequired(false).build());
                keyPairGenerator2.generateKeyPair();
            }
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    public static KeyStoreUtils getInstance() {
        return encryptUtilInstance;
    }

    public void clearKeystor(String str) {
        try {
            this.keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.keyStore.load(null);
            this.keyStore.deleteEntry(str);
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    @RequiresApi(api = 18)
    public String decryptString(String str, String str2) {
        String str3;
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            return "";
        }
        synchronized (KeyStoreUtils.class) {
            initKeyStore(str2);
            try {
                PrivateKey privateKey = (PrivateKey) this.keyStore.getKey(str2, null);
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, privateKey);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byte[] decode = Base64.decode(str, 8);
                int length = decode.length;
                int i2 = 0;
                int i3 = 0;
                while (true) {
                    int i4 = length - i2;
                    if (i4 <= 0) {
                        break;
                    }
                    byte[] doFinal = i4 > this.rsaDecryptBlock ? cipher.doFinal(decode, i2, this.rsaDecryptBlock) : cipher.doFinal(decode, i2, i4);
                    byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                    i3++;
                    i2 = this.rsaDecryptBlock * i3;
                }
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                str3 = new String(byteArray, 0, byteArray.length, "UTF-8");
            } catch (Exception e2) {
                e2.printStackTrace();
                Log.e(TAG, "in decryptString error:" + e2.getLocalizedMessage());
                str3 = "";
            }
        }
        return str3;
    }

    @RequiresApi(api = 18)
    public String encryptString(String str, String str2) {
        String str3;
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            return "";
        }
        synchronized (KeyStoreUtils.class) {
            initKeyStore(str2);
            try {
                PublicKey publicKey = this.keyStore.getCertificate(str2).getPublicKey();
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, publicKey);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                int length = str.length();
                byte[] bytes = str.getBytes();
                int i2 = 0;
                int i3 = 0;
                while (true) {
                    int i4 = length - i2;
                    if (i4 <= 0) {
                        break;
                    }
                    byte[] doFinal = i4 > this.rsaEncryptBlock ? cipher.doFinal(bytes, i2, this.rsaEncryptBlock) : cipher.doFinal(bytes, i2, i4);
                    byteArrayOutputStream.write(doFinal, 0, doFinal.length);
                    i3++;
                    i2 = this.rsaEncryptBlock * i3;
                }
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                str3 = Base64.encodeToString(byteArray, 8);
            } catch (Exception e2) {
                e2.printStackTrace();
                Log.e(TAG, "in encryptString error:" + e2.getMessage());
                str3 = "";
            }
        }
        return str3;
    }

    public void init(Context context, String str) {
        this.context = context;
        this.x500PrincipalName = str;
    }

    @RequiresApi(api = 18)
    public void initKeyStore(String str) {
        synchronized (KeyStoreUtils.class) {
            try {
                if (this.keyStore == null) {
                    this.keyStore = KeyStore.getInstance("AndroidKeyStore");
                    this.keyStore.load(null);
                }
                createNewKeys(str);
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }
    }
}
