package com.huawei.caas.common.security;

import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import com.huawei.usp.UspCfg;
import com.huawei.usp.UspHisign;
import com.huawei.usp.UspLog;
import com.huawei.usp.UspSys;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class CaasSecurityManager {
    public static final String LOG_TAG = "CaasSecurityManager";

    public static String decrypt(String str) {
        if (!TextUtils.isEmpty(str)) {
            return decryptWithKey(str, getKey(CaasSecurityConstants.CAAS_KEY_NAME_DEFAULT));
        }
        UspLog.e(LOG_TAG, "decrypt cipher text is null!");
        return "";
    }

    public static String decryptWithKey(String str, SecretKey secretKey) {
        try {
            if (secretKey == null) {
                UspLog.e(LOG_TAG, "decrypt key is null!");
                return "";
            }
            int indexOf = str.indexOf("|");
            if (indexOf == -1) {
                UspLog.e(LOG_TAG, "decrypt get header len fail!");
                return "";
            }
            Integer valueOf = Integer.valueOf(str.substring(0, indexOf));
            int i = indexOf + 1;
            String substring = str.substring(i, valueOf.intValue() + i);
            String substring2 = str.substring(i + valueOf.intValue());
            byte[] decode = Base64.decode(substring, 2);
            if (!TextUtils.isEmpty(substring) && decode != null) {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                cipher.init(2, secretKey, new IvParameterSpec(decode));
                return new String(cipher.doFinal(Base64.decode(substring2, 2)), StandardCharsets.UTF_8);
            }
            UspLog.e(LOG_TAG, "decrypt salt value is null!");
            return "";
        } catch (NumberFormatException | StringIndexOutOfBoundsException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
            UspLog.e(LOG_TAG, "decrypt failed!");
            return "";
        }
    }

    public static String decryptWithKeyStore(String str) {
        if (TextUtils.isEmpty(str)) {
            UspLog.e(LOG_TAG, "keyStore decrypt cipher text is null!");
            return "";
        }
        UspLog.d(LOG_TAG, "key store decrypt");
        return decryptWithKey(str, getKey(CaasSecurityConstants.CAAS_KEY_NAME_DECRYPT));
    }

    public static String encrypt(String str) {
        if (!TextUtils.isEmpty(str)) {
            return encrypt(str.getBytes(StandardCharsets.UTF_8));
        }
        UspLog.e(LOG_TAG, "encrypt plain text is null!");
        return "";
    }

    public static String encrypt(byte[] bArr) {
        if (bArr == null || bArr.length <= 0) {
            UspLog.e(LOG_TAG, "encrypt bytes is null!");
            return "";
        }
        try {
            SecretKey key = getKey(CaasSecurityConstants.CAAS_KEY_NAME_DEFAULT);
            if (key == null) {
                UspLog.e(LOG_TAG, "encrypt key is null!");
                return "";
            }
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(1, key);
            String encodeToString = Base64.encodeToString(cipher.doFinal(bArr), 2);
            byte[] iv = cipher.getIV();
            if (iv == null) {
                UspLog.e(LOG_TAG, "iv is null!");
                return "";
            }
            String encodeToString2 = Base64.encodeToString(iv, 2);
            StringBuffer stringBuffer = new StringBuffer(String.valueOf(encodeToString2.length()));
            stringBuffer.append("|");
            stringBuffer.append(encodeToString2);
            stringBuffer.append(encodeToString);
            return stringBuffer.toString();
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
            UspLog.e(LOG_TAG, "encrypt failed!");
            return "";
        }
    }

    public static void generateKey() {
        UspHisign.buildRootFactor(UspSys.getInitialInstanceId());
    }

    public static SecretKey getKey(String str) {
        SecretKey secretKey = null;
        if (CaasSecurityConstants.CAAS_KEY_NAME_DECRYPT.equals(str)) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                Key key = keyStore.getKey(str, null);
                if (key instanceof SecretKey) {
                    secretKey = (SecretKey) key;
                } else {
                    UspLog.e(LOG_TAG, "KeyStore getKey failed!");
                }
                return secretKey;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException unused) {
                UspLog.e(LOG_TAG, "get KeyStore failed!");
                return secretKey;
            }
        }
        if (CaasSecurityConstants.CAAS_KEY_NAME_DEFAULT.equals(str)) {
            byte[] decByteArray = UspCfg.getDecByteArray(UspSys.getInitialInstanceId(), 16, 55);
            if (decByteArray != null) {
                return new SecretKeySpec(decByteArray, "AES");
            }
            UspLog.e(LOG_TAG, "caas key is null");
            return null;
        }
        UspLog.e(LOG_TAG, "no support, alias:" + str);
        return null;
    }

    public static void init(Context context) {
        UspLog.i(LOG_TAG, "init.");
        generateKey();
    }
}
