package com.huawei.cbg.phoenix.encrypt.aes;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.NonNull;
import androidx.annotation.RequiresApi;
import com.huawei.cbg.phoenix.PhX;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes4.dex */
public class PhxAESKeystore {
    private static final String AES_ENCRPT_ERROR = "=aes encrpt error=";
    private static final String AES_PADDING_STYLE = "AES/GCM/NoPadding";
    private static final int KEY_128BIT_SIZE = 128;
    private static final String KEY_STORE_PROVIDER = "AndroidKeyStore";
    private static final String PARAMS = "params_iv";
    private static final String PARAMS_VALUE = "value";
    private static final String TAG = "phx:core:PhxAESKeystore";

    private PhxAESKeystore() {
        throw new IllegalStateException("Utility class");
    }

    @RequiresApi(api = 23)
    public static String decrypt(String str, String str2) {
        PhX.log().i(TAG, "decrypt: ".concat(String.valueOf(str)));
        try {
            JSONObject jSONObject = new JSONObject(str2);
            String str3 = (String) jSONObject.get("value");
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, parseHexStr2Byte((String) jSONObject.get(PARAMS)));
            Cipher cipher = Cipher.getInstance(AES_PADDING_STYLE);
            cipher.init(2, getSecretKey(str), gCMParameterSpec);
            return new String(cipher.doFinal(parseHexStr2Byte(str3)), StandardCharsets.UTF_8);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException | JSONException e2) {
            PhX.log().e(TAG, AES_ENCRPT_ERROR.concat(String.valueOf(e2.getMessage())));
            return null;
        }
    }

    @RequiresApi(api = 23)
    public static String encrypt(String str, String str2) {
        PhX.log().i(TAG, "encrypt: ".concat(String.valueOf(str)));
        try {
            Cipher cipher = Cipher.getInstance(AES_PADDING_STYLE);
            cipher.init(1, getSecretKey(str));
            String parseByte2HexStr = parseByte2HexStr(cipher.doFinal(str2.getBytes(StandardCharsets.UTF_8)));
            String parseByte2HexStr2 = parseByte2HexStr(cipher.getIV());
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("value", parseByte2HexStr);
            jSONObject.put(PARAMS, parseByte2HexStr2);
            return jSONObject.toString();
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException | JSONException e2) {
            PhX.log().e(TAG, AES_ENCRPT_ERROR.concat(String.valueOf(e2.getMessage())));
            return null;
        }
    }

    @NonNull
    private static SecretKey generateSecretKey(String str) {
        PhX.log().i(TAG, "generate keystore");
        if (Build.VERSION.SDK_INT < 23) {
            return null;
        }
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", KEY_STORE_PROVIDER);
            keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
            return keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e2) {
            PhX.log().e(TAG, AES_ENCRPT_ERROR.concat(String.valueOf(e2.getMessage())));
            return null;
        }
    }

    private static SecretKey getSecretKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE_PROVIDER);
            keyStore.load(null);
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) keyStore.getEntry(str, null);
            return secretKeyEntry == null ? generateSecretKey(str) : secretKeyEntry.getSecretKey();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e2) {
            PhX.log().e(TAG, AES_ENCRPT_ERROR.concat(String.valueOf(e2.getMessage())));
            return null;
        }
    }

    public static String parseByte2HexStr(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            String hexString = Integer.toHexString(b & 255);
            if (hexString.length() == 1) {
                hexString = "0".concat(String.valueOf(hexString));
            }
            sb.append(hexString.toUpperCase(Locale.US));
        }
        return sb.toString();
    }

    public static byte[] parseHexStr2Byte(String str) {
        if (str.length() <= 0) {
            return new byte[0];
        }
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < str.length() / 2; i++) {
            int i2 = i * 2;
            int i3 = i2 + 1;
            bArr[i] = (byte) ((Integer.parseInt(str.substring(i2, i3), 16) * 16) + Integer.parseInt(str.substring(i3, i2 + 2), 16));
        }
        return bArr;
    }
}
