package com.magentatechnology.booking.lib.utils;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.magentatechnology.booking.lib.store.database.ObjectMapping;
import com.magentatechnology.booking.lib.ui.activities.account.registration.crypto.NetworkCryptoUseCase;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jetbrains.annotations.NotNull;

@Metadata(d1 = {"\u00006\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0002\b\u0004\u0018\u0000 \u00172\u00020\u0001:\u0001\u0017B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0010\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\nH\u0002J\b\u0010\u000b\u001a\u00020\bH\u0002J\u000e\u0010\f\u001a\u00020\n2\u0006\u0010\r\u001a\u00020\nJ\u000e\u0010\u000e\u001a\u00020\n2\u0006\u0010\u000f\u001a\u00020\nJ\b\u0010\u0010\u001a\u00020\u0011H\u0002J\b\u0010\u0012\u001a\u00020\u0006H\u0002J\u0010\u0010\u0013\u001a\u00020\u00142\u0006\u0010\r\u001a\u00020\u0014H\u0002J\u0010\u0010\u0015\u001a\u00020\u00142\u0006\u0010\u0016\u001a\u00020\u0014H\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u0018"}, d2 = {"Lcom/magentatechnology/booking/lib/utils/CredentialCypher;", "", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", CredentialCypher.ENCRYPTED_KEY, "Ljava/security/Key;", "createRSAKey", "", ObjectMapping.AddressMapping.COLUMN_ALIAS, "", "createSecretKey", "decryptCredential", "encrypted", "encryptCredential", "cred", "getRSAKey", "Ljava/security/KeyStore$PrivateKeyEntry;", "getSecretKey", "rsaDecrypt", "", "rsaEncrypt", "secret", "Companion", "lib_regularNoSsoProd"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes3.dex */
public final class CredentialCypher {

    @NotNull
    private static final String AES_MODE = "AES/ECB/PKCS7Padding";

    @NotNull
    private static final String ENCRYPTED_KEY = "secretKey";

    @NotNull
    private static final String KEY_STORE = "AndroidKeyStore";

    @NotNull
    private static final String RSA_ALIAS = "cred_alias";

    @NotNull
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";

    @NotNull
    private static final String SHARED_PREFERENCE_NAME = "KeyPreference";
    private static final KeyStore keyStore;

    @NotNull
    private final Context context;

    @NotNull
    private final Key secretKey;

    static {
        KeyStore keyStore2 = KeyStore.getInstance(KEY_STORE);
        keyStore2.load(null);
        keyStore = keyStore2;
    }

    public CredentialCypher(@NotNull Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        this.context = context;
        this.secretKey = getSecretKey();
    }

    private final void createRSAKey(String alias) {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 20);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEY_STORE);
        keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(this.context).setAlias(alias).setSubject(new X500Principal("CN=" + alias)).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
        keyPairGenerator.generateKeyPair();
    }

    private final void createSecretKey() {
        SharedPreferences sharedPreferences = this.context.getSharedPreferences(SHARED_PREFERENCE_NAME, 0);
        if (sharedPreferences.getString(ENCRYPTED_KEY, null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(rsaEncrypt(bArr), 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString(ENCRYPTED_KEY, encodeToString);
            edit.commit();
        }
    }

    private final KeyStore.PrivateKeyEntry getRSAKey() {
        KeyStore keyStore2 = keyStore;
        if (!keyStore2.containsAlias(RSA_ALIAS)) {
            createRSAKey(RSA_ALIAS);
        }
        KeyStore.Entry entry = keyStore2.getEntry(RSA_ALIAS, null);
        Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        return (KeyStore.PrivateKeyEntry) entry;
    }

    private final Key getSecretKey() {
        SharedPreferences sharedPreferences = this.context.getSharedPreferences(SHARED_PREFERENCE_NAME, 0);
        String string = sharedPreferences.getString(ENCRYPTED_KEY, null);
        if (string == null) {
            createSecretKey();
            string = sharedPreferences.getString(ENCRYPTED_KEY, null);
        }
        byte[] encryptedKey = Base64.decode(string, 0);
        Intrinsics.checkNotNullExpressionValue(encryptedKey, "encryptedKey");
        return new SecretKeySpec(rsaDecrypt(encryptedKey), NetworkCryptoUseCase.ENCRYPTED_KEY_ALGORITHM);
    }

    private final byte[] rsaDecrypt(byte[] encrypted) {
        KeyStore.PrivateKeyEntry rSAKey = getRSAKey();
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(2, rSAKey.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(encrypted), cipher);
        ArrayList arrayList = new ArrayList();
        for (int read = cipherInputStream.read(); read != -1; read = cipherInputStream.read()) {
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (int i2 = 0; i2 < size; i2++) {
            Object obj = arrayList.get(i2);
            Intrinsics.checkNotNullExpressionValue(obj, "values[i]");
            bArr[i2] = ((Number) obj).byteValue();
        }
        return bArr;
    }

    private final byte[] rsaEncrypt(byte[] secret) {
        KeyStore.PrivateKeyEntry rSAKey = getRSAKey();
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, rSAKey.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(secret);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "outputStream.toByteArray()");
        return byteArray;
    }

    @NotNull
    public final String decryptCredential(@NotNull String encrypted) {
        Intrinsics.checkNotNullParameter(encrypted, "encrypted");
        Cipher cipher = Cipher.getInstance(AES_MODE, BouncyCastleProvider.PROVIDER_NAME);
        cipher.init(2, this.secretKey);
        Charset charset = Charsets.UTF_8;
        byte[] bytes = encrypted.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] decodedBytes = cipher.doFinal(Base64.decode(bytes, 0));
        Intrinsics.checkNotNullExpressionValue(decodedBytes, "decodedBytes");
        return new String(decodedBytes, charset);
    }

    @NotNull
    public final String encryptCredential(@NotNull String cred) {
        Intrinsics.checkNotNullParameter(cred, "cred");
        Cipher cipher = Cipher.getInstance(AES_MODE, BouncyCastleProvider.PROVIDER_NAME);
        cipher.init(1, this.secretKey);
        byte[] bytes = cred.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        Intrinsics.checkNotNullExpressionValue(encodeToString, "encodeToString(encodedBytes, Base64.DEFAULT)");
        return encodeToString;
    }
}
