package cn.com.union.fido.util;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import cn.com.union.fido.bean.SecCheckResult;
import cn.com.union.fido.util.asn1.ASN1Encodable;
import cn.com.union.fido.util.asn1.ASN1EncodableVector;
import cn.com.union.fido.util.asn1.DERInteger;
import cn.com.union.fido.util.asn1.DERSequence;
import com.google.a.a.a.a.a.a;
import com.jdpay.lib.crypto.Encrypt;
import com.jingdong.common.jdreactFramework.utils.l;
import com.jingdong.common.utils.security.JDKeyStore;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Arrays;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class CryptoTools {
    static {
        try {
            System.loadLibrary("cnsse");
        } catch (Throwable th) {
            a.a(th);
        }
    }

    public static byte[] decrypt(String str, String str2) {
        try {
            if (Build.VERSION.SDK_INT < 23) {
                return null;
            }
            SecretKey keyInTee = getKeyInTee(str);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, keyInTee, new IvParameterSpec(str.substring(0, 16).getBytes()));
            return cipher.doFinal(StringTools.urlSafeBase64Dec(str2));
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static byte[] decrypt(byte[] bArr, PrivateKey privateKey) {
        if (Build.VERSION.SDK_INT < 18) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKey);
            cipher.update(bArr);
            return cipher.doFinal();
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static void delKeyInTee(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (Exception e) {
            a.a(e);
        }
    }

    public static byte[] doHash(byte[] bArr, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(bArr);
            return messageDigest.digest();
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static byte[] doSignData(PrivateKey privateKey, String str, byte[] bArr) {
        try {
            Signature signature = Signature.getInstance(str);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static byte[] doSignDataTee(PrivateKey privateKey, String str, byte[] bArr) {
        try {
            if (Build.VERSION.SDK_INT < 18) {
                return null;
            }
            Signature signature = Signature.getInstance(str);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static String encrypt(String str, byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        byte[] bArr2 = null;
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                SecretKey keyInTee = getKeyInTee(str);
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                cipher.init(1, keyInTee, new IvParameterSpec(str.substring(0, 16).getBytes()));
                bArr2 = cipher.doFinal(bArr);
            }
            stringBuffer.append(StringTools.urlSafeBase64Enc(bArr2));
        } catch (Exception e) {
            a.a(e);
        }
        return stringBuffer.toString();
    }

    public static byte[] encrypt(byte[] bArr, PublicKey publicKey) {
        if (Build.VERSION.SDK_INT < 18) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, publicKey);
            cipher.update(bArr);
            return cipher.doFinal();
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static KeyPair genAsymmetricKey(String str, int i) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
            keyPairGenerator.initialize(i);
            return keyPairGenerator.genKeyPair();
        } catch (Exception e) {
            throw e;
        }
    }

    public static KeyPair genECKeyTee(String str, String str2, boolean z, int i, Context context) {
        KeyPair keyPair = null;
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str2, 4);
                builder.setDigests("SHA-256");
                builder.setAlgorithmParameterSpec(new ECGenParameterSpec(str));
                if (z) {
                    builder.setUserAuthenticationRequired(true);
                    if (i > 0) {
                        builder.setUserAuthenticationValidityDurationSeconds(i);
                    }
                }
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
                keyPairGenerator.initialize(builder.build());
                keyPair = keyPairGenerator.generateKeyPair();
            }
            if (Build.VERSION.SDK_INT < 19 || Build.VERSION.SDK_INT >= 23) {
                return keyPair;
            }
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 100);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str2).setSubject(new X500Principal("CN=" + str2)).setSerialNumber(BigInteger.ONE).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).setKeySize(256).setKeyType("EC").build();
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(l.az, "AndroidKeyStore");
            keyPairGenerator2.initialize(build);
            return keyPairGenerator2.generateKeyPair();
        } catch (Exception e) {
            throw e;
        }
    }

    @TargetApi(23)
    public static KeyPair genRSAKeyTee(int i, String str, boolean z, int i2, Context context) {
        KeyPair keyPair = null;
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 4);
                builder.setDigests("SHA-256");
                builder.setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(i, null));
                builder.setSignaturePaddings("PKCS1");
                if (z) {
                    builder.setUserAuthenticationRequired(true);
                    if (i2 > 0) {
                        builder.setUserAuthenticationValidityDurationSeconds(i2);
                    }
                }
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(l.az, "AndroidKeyStore");
                keyPairGenerator.initialize(builder.build());
                keyPair = keyPairGenerator.generateKeyPair();
            }
            if (Build.VERSION.SDK_INT < 18 || Build.VERSION.SDK_INT >= 23) {
                return keyPair;
            }
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 100);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.ONE).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).setKeySize(i).setKeyType(l.az).build();
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(l.az, "AndroidKeyStore");
            keyPairGenerator2.initialize(build);
            return keyPairGenerator2.generateKeyPair();
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] genRandom(int i) {
        byte[] bArr = null;
        if (i > 0) {
            try {
                if (Build.VERSION.SDK_INT >= 23) {
                    SecureRandom secureRandom = SecureRandom.getInstance(Encrypt.RANDOM_ALGORITHM);
                    bArr = secureRandom.generateSeed(i);
                    secureRandom.setSeed(bArr);
                    secureRandom.nextBytes(new byte[i]);
                } else {
                    SecureRandom.getInstance(Encrypt.RANDOM_ALGORITHM).nextBytes(new byte[i]);
                }
            } catch (Exception e) {
                a.a(e);
            }
        }
        return bArr;
    }

    public static Key genSymmetryKey(String str, int i) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(str);
            keyGenerator.init(i);
            return keyGenerator.generateKey();
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    private static SecretKey genSymmetryKeyTee(String str, boolean z, int i) {
        try {
            if (Build.VERSION.SDK_INT < 23) {
                return null;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JDKeyStore.KEY_TYPE_AES, "AndroidKeyStore");
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 3);
            builder.setBlockModes("CBC");
            builder.setRandomizedEncryptionRequired(false);
            builder.setEncryptionPaddings("PKCS7Padding");
            if (z) {
                builder.setUserAuthenticationRequired(true);
                if (i > 0) {
                    builder.setUserAuthenticationValidityDurationSeconds(i);
                }
            }
            keyGenerator.init(builder.build());
            return keyGenerator.generateKey();
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] getDERRSAPublicKey(KeyPair keyPair) {
        try {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair.getPublic();
            BigInteger modulus = rSAPublicKey.getModulus();
            BigInteger publicExponent = rSAPublicKey.getPublicExponent();
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new DERInteger(modulus));
            aSN1EncodableVector.add(new DERInteger(publicExponent));
            return new DERSequence(aSN1EncodableVector).getEncoded(ASN1Encodable.DER);
        } catch (Exception e) {
            throw e;
        }
    }

    public static SecretKey getKeyInTee(String str) {
        SecretKey secretKey;
        Exception e;
        try {
            if (Build.VERSION.SDK_INT < 23) {
                return null;
            }
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            secretKey = (SecretKey) keyStore.getKey(str, null);
            if (secretKey != null) {
                return secretKey;
            }
            try {
                return genSymmetryKeyTee(str, false, 0);
            } catch (Exception e2) {
                e = e2;
                a.a(e);
                return secretKey;
            }
        } catch (Exception e3) {
            secretKey = null;
            e = e3;
        }
    }

    public static String getKeyString(Key key) {
        byte[] encoded = key.getEncoded();
        return (encoded == null || encoded.length == 0) ? "TEEPrivateKey" + Math.random() : StringTools.urlSafeBase64Enc(encoded);
    }

    public static PrivateKey getPrivateKeyInTee(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.containsAlias(str);
            return (PrivateKey) keyStore.getKey(str, null);
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static KeyPair getPrivateKeyPairInTee(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return new KeyPair(keyStore.getCertificate(str).getPublicKey(), (PrivateKey) keyStore.getKey(str, null));
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static PublicKey getPublicKeyInTee(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificate(str).getPublicKey();
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public static byte[] getRAWECPublicKey(KeyPair keyPair) {
        try {
            ECPoint w = ((ECPublicKey) keyPair.getPublic()).getW();
            byte[] asUnsigned32ByteArray = BigIntegerUtil.asUnsigned32ByteArray(w.getAffineX());
            byte[] asUnsigned32ByteArray2 = BigIntegerUtil.asUnsigned32ByteArray(w.getAffineY());
            byte[] bArr = new byte[65];
            bArr[0] = 4;
            System.arraycopy(asUnsigned32ByteArray, 0, bArr, 1, 32);
            System.arraycopy(asUnsigned32ByteArray2, 0, bArr, 33, 32);
            return bArr;
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] getRAWRSAPublicKey(KeyPair keyPair) {
        try {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair.getPublic();
            byte[] asUnsignedNByteArray = BigIntegerUtil.asUnsignedNByteArray(rSAPublicKey.getModulus(), 256);
            byte[] byteArray = rSAPublicKey.getPublicExponent().toByteArray();
            byte[] copyOf = Arrays.copyOf(asUnsignedNByteArray, asUnsignedNByteArray.length + byteArray.length);
            System.arraycopy(byteArray, 0, copyOf, asUnsignedNByteArray.length, byteArray.length);
            return copyOf;
        } catch (Exception e) {
            throw e;
        }
    }

    public static byte[] getRandomBytesToMixIntoKeystoreRng(SecureRandom secureRandom, int i) {
        if (i <= 0) {
            return new byte[0];
        }
        byte[] bArr = new byte[i];
        secureRandom.nextBytes(bArr);
        return bArr;
    }

    public static byte[] hash(String str, String str2) {
        if (StringTools.isValidateString(str)) {
            return doHash(str.getBytes(), str2);
        }
        return null;
    }

    public static String hash2Hex(String str) {
        byte[] doHash = StringTools.isValidateString(str) ? doHash(str.getBytes(), "SHA256") : null;
        if (doHash == null || doHash.length <= 0) {
            return null;
        }
        StringBuilder sb = new StringBuilder(doHash.length * 2);
        for (byte b2 : doHash) {
            if ((b2 & 255) < 16) {
                sb.append("0");
            }
            sb.append(Integer.toHexString(b2 & 255));
        }
        return sb.toString();
    }

    public static boolean secretKeyDetection(String str) {
        try {
            if (TextUtils.isEmpty(str) || Build.VERSION.SDK_INT < 23) {
                return false;
            }
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(str);
        } catch (Exception e) {
            a.a(e);
            return false;
        }
    }

    public static byte[] signData(PrivateKey privateKey, String str, String str2) {
        if (StringTools.isValidateString(str2)) {
            return doSignData(privateKey, str, str2.getBytes());
        }
        return null;
    }

    public static byte[] signDataTee(PrivateKey privateKey, String str, String str2) {
        if (StringTools.isValidateString(str2)) {
            return doSignDataTee(privateKey, str, str2.getBytes());
        }
        return null;
    }

    public static SecretKey unwrap(byte[] bArr, PrivateKey privateKey) {
        if (Build.VERSION.SDK_INT >= 18) {
            try {
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(4, privateKey);
                return (SecretKey) cipher.unwrap(bArr, JDKeyStore.KEY_TYPE_AES, 3);
            } catch (Exception e) {
                a.a(e);
            }
        }
        return null;
    }

    public static byte[] wrap(SecretKey secretKey, PublicKey publicKey) {
        if (Build.VERSION.SDK_INT < 18) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(3, publicKey);
            return cipher.wrap(secretKey);
        } catch (Exception e) {
            a.a(e);
            return null;
        }
    }

    public native SecCheckResult secCheck(Context context, String str, Signature signature, String str2, byte[] bArr, byte[] bArr2, byte[] bArr3);
}
