package com.icegps.util;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.bumptech.glide.load.Key;
import com.icegps.util.log.LogUtils;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class SecurityKeyManager {
    private static final int DEFAULT_KEY_SIZE = 2048;
    private static final String KEY_ALIAS = "ICE_AES_KEY_ALIAS";
    private static final String TRANSFORMATION = "RSA/ECB/PKCS1Padding";
    private static volatile SecurityKeyManager instance;
    private boolean isInit = false;
    private KeyStore keyStore;

    private SecurityKeyManager() {
    }

    private void checkInit() {
        if (!this.isInit) {
            throw new IllegalStateException("SecurityKeyManager >> You must initialize it before you can use it. << ");
        }
    }

    public static SecurityKeyManager getInstance() {
        if (instance == null) {
            synchronized (SecurityKeyManager.class) {
                if (instance == null) {
                    instance = new SecurityKeyManager();
                }
            }
        }
        return instance;
    }

    public byte[] decrypt(String str) {
        return decrypt(Base64.decode(str, 0));
    }

    public byte[] decrypt(byte[] bArr) {
        checkInit();
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null);
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(2, privateKeyEntry.getPrivateKey());
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public String decryptToString(String str) {
        return decryptToString(Base64.decode(str, 0));
    }

    public String decryptToString(byte[] bArr) {
        byte[] decrypt = decrypt(bArr);
        if (decrypt == null) {
            return null;
        }
        try {
            return new String(decrypt, 0, decrypt.length, Key.STRING_CHARSET_NAME);
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    public byte[] encrypt(byte[] bArr) {
        checkInit();
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.keyStore.getEntry(KEY_ALIAS, null);
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public String encryptToBase64String(byte[] bArr) {
        byte[] encrypt = encrypt(bArr);
        if (encrypt == null) {
            return null;
        }
        return Base64.encodeToString(encrypt, 0);
    }

    public void initSecurityKey(Context context) {
        LogUtils.d("SecurityKeyManager >> Start store AES keys. << ");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.keyStore = keyStore;
            keyStore.load(null);
            if (!this.keyStore.containsAlias(KEY_ALIAS)) {
                LogUtils.d("SecurityKeyManager >> Start create security keys. << ");
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(12, 1);
                AlgorithmParameterSpec build = Build.VERSION.SDK_INT >= 23 ? new KeyGenParameterSpec.Builder(KEY_ALIAS, 7).setKeySize(2048).setBlockModes("ECB").setUserAuthenticationRequired(false).setCertificateSubject(new X500Principal("CN=ICE_AES_KEY_ALIAS, OU=ICES Core, O=ICE GPS, C=CHN")).setDigests("SHA-512", "SHA-256", "SHA-1", "MD5").setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).setSignaturePaddings("PKCS1").setEncryptionPaddings("PKCS1Padding", "OAEPPadding").build() : new KeyPairGeneratorSpec.Builder(context).setAlias(KEY_ALIAS).setSubject(new X500Principal("CN=ICE_AES_KEY_ALIAS, OU=ICES Core, O=ICE GPS, C=CHN")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            }
            this.isInit = true;
        } catch (Exception e) {
            e.printStackTrace();
            this.isInit = false;
        }
    }
}
