package hik.common.isms.security;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.google.android.gms.stats.CodePackage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes5.dex */
public class KeystoreSecureUtils {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final boolean IS_M;
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static KeystoreSecureUtils instance;
    private static KeyStore keyStore;

    static {
        IS_M = Build.VERSION.SDK_INT >= 23;
    }

    private KeystoreSecureUtils() {
        try {
            keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static KeystoreSecureUtils getInstance() {
        if (instance == null) {
            instance = new KeystoreSecureUtils();
        }
        return instance;
    }

    private byte[] rsaDecrypt(byte[] bArr, String str) throws Exception {
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, privateKey);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr2 = new byte[arrayList.size()];
        for (int i = 0; i < bArr2.length; i++) {
            bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        return bArr2;
    }

    private byte[] rsaEncrypt(byte[] bArr, String str) throws Exception {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, keyStore.getCertificate(str).getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    public String decrypt(String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            return "";
        }
        try {
            return new String(rsaDecrypt(Base64.decode(str2, 0), str));
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public String encrypt(Context context, String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            return "";
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(MyRSA.KEY_ALGORITHM, ANDROID_KEY_STORE);
            if (IS_M) {
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("PKCS1Padding").setRandomizedEncryptionRequired(false).build());
            } else {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 30);
                keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
            }
            keyPairGenerator.generateKeyPair();
            return Base64.encodeToString(rsaEncrypt(str2.getBytes(), str), 0);
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }
}
