package com.samsung.android.app.notes.lock.common.utils;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import com.samsung.android.support.senl.base.framework.support.Logger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* loaded from: classes2.dex */
public class LockEncryptUtils {
    private static final String ALIAS_NAME_USER_PASSWORD = "com.samsung.android.app.notes_userpasswordkey";
    private static final char[] HEX_TABLE = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
    private static final String TAG = "LockEncryptUtils";

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String decryptString(String str) {
        byte[] byteArray = getByteArray(str);
        if (byteArray == null) {
            Logger.e(TAG, "decryption fail 1");
            return null;
        }
        PrivateKey passwordPrivateKey = getPasswordPrivateKey();
        if (passwordPrivateKey == null) {
            Logger.e(TAG, "decryption fail 2");
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            try {
                if (25 < Build.VERSION.SDK_INT) {
                    cipher.init(2, passwordPrivateKey, new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT));
                } else {
                    cipher.init(2, passwordPrivateKey);
                }
                try {
                    return getHexString(cipher.doFinal(byteArray));
                } catch (Exception e) {
                    Logger.e(TAG, "decryption fail 5 - [" + e.toString() + "]");
                    return null;
                }
            } catch (Exception e2) {
                Logger.e(TAG, "decryption fail 4 - [" + e2.toString() + "]");
                return null;
            }
        } catch (Exception e3) {
            Logger.e(TAG, "decryption fail 3 - [" + e3.toString() + "]");
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String encryptBytes(Context context, byte[] bArr) {
        PublicKey passwordPublicKey = getPasswordPublicKey(context);
        if (passwordPublicKey == null) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            try {
                if (25 < Build.VERSION.SDK_INT) {
                    cipher.init(1, passwordPublicKey, new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT));
                } else {
                    cipher.init(1, passwordPublicKey);
                }
                try {
                    return getHexString(cipher.doFinal(bArr));
                } catch (Exception e) {
                    Logger.e(TAG, "encryption fail 3 - [" + e.toString() + "]");
                    return null;
                }
            } catch (Exception e2) {
                Logger.e(TAG, "encryption fail 2 - [" + e2.toString() + "]");
                return null;
            }
        } catch (Exception e3) {
            Logger.e(TAG, "encryption fail 1 - [" + e3.toString() + "]");
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String encryptString(Context context, String str) {
        byte[] byteArray = getByteArray(str);
        if (byteArray == null) {
            Logger.e(TAG, "encryption fail 1");
            return null;
        }
        PublicKey passwordPublicKey = getPasswordPublicKey(context);
        if (passwordPublicKey == null) {
            Logger.e(TAG, "encryption fail 2");
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            try {
                if (25 < Build.VERSION.SDK_INT) {
                    cipher.init(1, passwordPublicKey, new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT));
                } else {
                    cipher.init(1, passwordPublicKey);
                }
                try {
                    return getHexString(cipher.doFinal(byteArray));
                } catch (Exception e) {
                    Logger.e(TAG, "encryption fail 5 - [" + e.toString() + "]");
                    return null;
                }
            } catch (Exception e2) {
                Logger.e(TAG, "encryption fail 4 - [" + e2.toString() + "]");
                return null;
            }
        } catch (Exception e3) {
            Logger.e(TAG, "encryption fail 3 - [" + e3.toString() + "]");
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized byte[] getByteArray(String str) {
        byte[] bArr;
        synchronized (LockEncryptUtils.class) {
            if (str != null) {
                if (str.length() != 0) {
                    bArr = new byte[str.length() / 2];
                    int length = bArr.length;
                    for (int i = 0; i < length; i++) {
                        bArr[i] = (byte) Integer.parseInt(str.substring(i * 2, (i + 1) * 2), 16);
                    }
                }
            }
            bArr = null;
        }
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized String getHexString(byte[] bArr) {
        String sb;
        synchronized (LockEncryptUtils.class) {
            if (bArr == null) {
                sb = null;
            } else {
                StringBuilder sb2 = new StringBuilder(bArr.length * 2);
                for (byte b : bArr) {
                    sb2.append(HEX_TABLE[(b & 240) >> 4]);
                    sb2.append(HEX_TABLE[b & 15]);
                }
                sb = sb2.toString();
            }
        }
        return sb;
    }

    private static PrivateKey getPasswordPrivateKey() {
        PrivateKey privateKey;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
                try {
                    if (keyStore.containsAlias(ALIAS_NAME_USER_PASSWORD)) {
                        try {
                            privateKey = (PrivateKey) keyStore.getKey(ALIAS_NAME_USER_PASSWORD, null);
                        } catch (Exception e) {
                            Logger.e(TAG, "Fail to get private key 4 - [" + e.toString() + "]");
                            privateKey = null;
                        }
                    } else {
                        KeyPair makePasswordKeyPair = makePasswordKeyPair();
                        if (makePasswordKeyPair == null) {
                            Logger.e(TAG, "Fail to make key pair");
                            privateKey = null;
                        } else {
                            privateKey = makePasswordKeyPair.getPrivate();
                        }
                    }
                    return privateKey;
                } catch (Exception e2) {
                    Logger.e(TAG, "Fail to get private key 3 - [" + e2.toString() + "]");
                    return null;
                }
            } catch (Exception e3) {
                Logger.e(TAG, "Fail to get private key 2 - [" + e3.toString() + "]");
                return null;
            }
        } catch (KeyStoreException e4) {
            Logger.e(TAG, "Fail to get private key 1 - [" + e4.toString() + "]");
            return null;
        }
    }

    private static PublicKey getPasswordPublicKey(Context context) {
        PublicKey publicKey;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
                try {
                    if (keyStore.containsAlias(ALIAS_NAME_USER_PASSWORD)) {
                        try {
                            int prefGetCertNullCount = LockPrefUtils.getPrefGetCertNullCount(context);
                            Certificate certificate = keyStore.getCertificate(ALIAS_NAME_USER_PASSWORD);
                            if (certificate == null) {
                                Logger.e(TAG, "KeyStore contains keyPair but returns null");
                                KeyPair keyPair = null;
                                if (prefGetCertNullCount > 3) {
                                    Logger.e(TAG, "retry make keyPair");
                                    keyPair = makePasswordKeyPair();
                                    LockPrefUtils.setPrefGetCertNullCount(context, 0);
                                } else {
                                    Logger.e(TAG, "retry get keyPair count" + prefGetCertNullCount);
                                    LockPrefUtils.setPrefGetCertNullCount(context, prefGetCertNullCount + 1);
                                }
                                if (keyPair == null) {
                                    Logger.e(TAG, "Fail to get key pair 2");
                                    publicKey = null;
                                } else {
                                    publicKey = keyPair.getPublic();
                                }
                            } else {
                                publicKey = certificate.getPublicKey();
                                if (prefGetCertNullCount != 0) {
                                    LockPrefUtils.setPrefGetCertNullCount(context, 0);
                                }
                            }
                        } catch (Exception e) {
                            Logger.e(TAG, "Fail to get public key 4 - [" + e.toString() + "]");
                            publicKey = null;
                        }
                    } else {
                        Logger.e(TAG, "KeyStore does not contain keyPair");
                        KeyPair makePasswordKeyPair = makePasswordKeyPair();
                        if (makePasswordKeyPair == null) {
                            Logger.e(TAG, "Fail to make key pair");
                            publicKey = null;
                        } else {
                            publicKey = makePasswordKeyPair.getPublic();
                        }
                    }
                    return publicKey;
                } catch (Exception e2) {
                    Logger.e(TAG, "Fail to get public key 3 - [" + e2.toString() + "]");
                    return null;
                }
            } catch (Exception e3) {
                Logger.e(TAG, "Fail to get public key 2 - [" + e3.toString() + "]");
                return null;
            }
        } catch (Exception e4) {
            Logger.e(TAG, "Fail to get public key 1 - [" + e4.toString() + "]");
            return null;
        }
    }

    private static KeyPair makePasswordKeyPair() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(ALIAS_NAME_USER_PASSWORD, 3).setKeySize(2048).setDigests("SHA-256").setEncryptionPaddings("OAEPPadding").build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        return keyPairGenerator.generateKeyPair();
    }
}
