package com.miui.notes.tool.util;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.text.TextUtils;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.sql.Date;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import miui.util.IOUtils;

@Deprecated
/* loaded from: classes.dex */
public class SecurityUtil {
    private static final byte[] AES_IV = {-4, -105, 16, -96, 72, -51, 122, 46, 119, 83, -106, -18, 66, Byte.MIN_VALUE, -6, -50};
    private static final String ALIAS = "miui_notes_secret";
    private static final String SECRET_KEY_FILE = "miui_notes_secret";
    private static final String SECRET_PROVIDER = "AndroidKeyStore";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class KeyManager {
        private static SecretKey sSecretKey;

        private KeyManager() {
        }

        private static byte[] decryptKey(Context context, byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, CertificateException, InvalidAlgorithmParameterException, UnrecoverableEntryException, KeyStoreException, IOException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
            KeyStore.PrivateKeyEntry keyPairFromKeyStore = getKeyPairFromKeyStore(context);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, keyPairFromKeyStore.getPrivateKey());
            return cipher.doFinal(bArr);
        }

        private static byte[] encryptKey(Context context, byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, CertificateException, UnrecoverableEntryException, KeyStoreException, IOException, InvalidKeyException, InvalidAlgorithmParameterException, BadPaddingException, IllegalBlockSizeException {
            KeyStore.PrivateKeyEntry keyPairFromKeyStore = getKeyPairFromKeyStore(context);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, keyPairFromKeyStore.getCertificate().getPublicKey());
            return cipher.doFinal(bArr);
        }

        private static void generateKeyPairInKeyStore(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
            Date date = new Date(0L);
            Calendar calendar = Calendar.getInstance();
            calendar.set(2100, 0, 1);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("miui_notes_secret").setSubject(new X500Principal("CN=MiuiNotes, O=Android Authority")).setSerialNumber(BigInteger.ONE).setStartDate(date).setEndDate(calendar.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", SecurityUtil.SECRET_PROVIDER);
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        }

        private static SecretKey generateSecretKey() throws NoSuchAlgorithmException {
            SecureRandom secureRandom = new SecureRandom();
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256, secureRandom);
            return keyGenerator.generateKey();
        }

        public static synchronized SecretKey getKey(Context context) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException, InvalidAlgorithmParameterException, NoSuchPaddingException, BadPaddingException, InvalidKeyException, NoSuchProviderException, IllegalBlockSizeException, InvalidKeySpecException, DecryptFailedException {
            SecretKey generateSecretKey;
            synchronized (KeyManager.class) {
                if (sSecretKey != null) {
                    generateSecretKey = sSecretKey;
                } else {
                    byte[] keyFromFile = getKeyFromFile(context);
                    if (keyFromFile != null) {
                        byte[] decryptKey = decryptKey(context, keyFromFile);
                        if (decryptKey == null || decryptKey.length <= 0) {
                            throw new DecryptFailedException("can not decrypt secret key!");
                        }
                        generateSecretKey = new SecretKeySpec(decryptKey, "AES");
                    } else {
                        generateSecretKey = generateSecretKey();
                        saveKeyToFile(context, encryptKey(context, generateSecretKey.getEncoded()));
                    }
                    sSecretKey = generateSecretKey;
                }
            }
            return generateSecretKey;
        }

        private static byte[] getKeyFromFile(Context context) {
            FileInputStream fileInputStream = null;
            try {
                fileInputStream = context.openFileInput("miui_notes_secret");
                byte[] byteArray = IOUtils.toByteArray(fileInputStream);
                IOUtils.closeQuietly(fileInputStream);
                return byteArray;
            } catch (IOException e) {
                IOUtils.closeQuietly(fileInputStream);
                return null;
            } catch (Throwable th) {
                IOUtils.closeQuietly(fileInputStream);
                throw th;
            }
        }

        private static KeyStore.PrivateKeyEntry getKeyPairFromKeyStore(Context context) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, NoSuchProviderException, InvalidAlgorithmParameterException {
            KeyStore keyStore = KeyStore.getInstance(SecurityUtil.SECRET_PROVIDER);
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("miui_notes_secret", null);
            if (privateKeyEntry != null) {
                return privateKeyEntry;
            }
            generateKeyPairInKeyStore(context);
            return (KeyStore.PrivateKeyEntry) keyStore.getEntry("miui_notes_secret", null);
        }

        private static void saveKeyToFile(Context context, byte[] bArr) {
            FileOutputStream fileOutputStream = null;
            try {
                fileOutputStream = context.openFileOutput("miui_notes_secret", 0);
                IOUtils.copy(new ByteArrayInputStream(bArr), fileOutputStream);
            } catch (IOException e) {
            } finally {
                IOUtils.closeQuietly(fileOutputStream);
            }
        }
    }

    public static String decrypt(Context context, String str) throws DecryptFailedException {
        return TextUtils.isEmpty(str) ? "" : new String(decrypt(context, Base64.decode(str.getBytes(), 1)));
    }

    private static byte[] decrypt(Context context, byte[] bArr) throws DecryptFailedException {
        try {
            SecretKey key = KeyManager.getKey(context);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, key, new IvParameterSpec(AES_IV));
            return cipher.doFinal(bArr);
        } catch (IOException e) {
            e.printStackTrace();
            throw new DecryptFailedException(e.getMessage(), e);
        } catch (InvalidAlgorithmParameterException e2) {
            e2.printStackTrace();
            throw new DecryptFailedException(e2.getMessage(), e2);
        } catch (InvalidKeyException e3) {
            e3.printStackTrace();
            throw new DecryptFailedException(e3.getMessage(), e3);
        } catch (KeyStoreException e4) {
            e4.printStackTrace();
            throw new DecryptFailedException(e4.getMessage(), e4);
        } catch (NoSuchAlgorithmException e5) {
            e5.printStackTrace();
            throw new DecryptFailedException(e5.getMessage(), e5);
        } catch (NoSuchProviderException e6) {
            e6.printStackTrace();
            throw new DecryptFailedException(e6.getMessage(), e6);
        } catch (UnrecoverableEntryException e7) {
            e7.printStackTrace();
            throw new DecryptFailedException(e7.getMessage(), e7);
        } catch (CertificateException e8) {
            e8.printStackTrace();
            throw new DecryptFailedException(e8.getMessage(), e8);
        } catch (InvalidKeySpecException e9) {
            e9.printStackTrace();
            throw new DecryptFailedException(e9.getMessage(), e9);
        } catch (BadPaddingException e10) {
            e10.printStackTrace();
            throw new DecryptFailedException(e10.getMessage(), e10);
        } catch (IllegalBlockSizeException e11) {
            e11.printStackTrace();
            throw new DecryptFailedException(e11.getMessage(), e11);
        } catch (NoSuchPaddingException e12) {
            e12.printStackTrace();
            throw new DecryptFailedException(e12.getMessage(), e12);
        }
    }

    public static String encrypt(Context context, String str) throws EncryptFailedException {
        return TextUtils.isEmpty(str) ? "" : new String(Base64.encode(encrypt(context, str.getBytes()), 1));
    }

    private static byte[] encrypt(Context context, byte[] bArr) throws EncryptFailedException {
        try {
            try {
                SecretKey key = KeyManager.getKey(context);
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(1, key, new IvParameterSpec(AES_IV));
                return cipher.doFinal(bArr);
            } catch (DecryptFailedException e) {
                e.printStackTrace();
                throw new EncryptFailedException(e.getMessage(), e);
            }
        } catch (IOException e2) {
            e2.printStackTrace();
            throw new EncryptFailedException(e2.getMessage(), e2);
        } catch (InvalidAlgorithmParameterException e3) {
            e3.printStackTrace();
            throw new EncryptFailedException(e3.getMessage(), e3);
        } catch (InvalidKeyException e4) {
            e4.printStackTrace();
            throw new EncryptFailedException(e4.getMessage(), e4);
        } catch (KeyStoreException e5) {
            e5.printStackTrace();
            throw new EncryptFailedException(e5.getMessage(), e5);
        } catch (NoSuchAlgorithmException e6) {
            e6.printStackTrace();
            throw new EncryptFailedException(e6.getMessage(), e6);
        } catch (NoSuchProviderException e7) {
            e7.printStackTrace();
            throw new EncryptFailedException(e7.getMessage(), e7);
        } catch (UnrecoverableEntryException e8) {
            e8.printStackTrace();
            throw new EncryptFailedException(e8.getMessage(), e8);
        } catch (CertificateException e9) {
            e9.printStackTrace();
            throw new EncryptFailedException(e9.getMessage(), e9);
        } catch (InvalidKeySpecException e10) {
            e10.printStackTrace();
            throw new EncryptFailedException(e10.getMessage(), e10);
        } catch (BadPaddingException e11) {
            e11.printStackTrace();
            throw new EncryptFailedException(e11.getMessage(), e11);
        } catch (IllegalBlockSizeException e12) {
            e12.printStackTrace();
            throw new EncryptFailedException(e12.getMessage(), e12);
        } catch (NoSuchPaddingException e13) {
            e13.printStackTrace();
            throw new EncryptFailedException(e13.getMessage(), e13);
        }
    }
}
