package com.stockmanagment.app.utils;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.google.android.gms.stats.CodePackage;
import com.stockmanagment.app.data.prefs.AppPrefs;
import com.stockmanagment.app.data.security.ObfuscateData;
import com.stockmanagment.online.app.R;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
public class SecurityUtils {
    private static final String AES_MODE_M = "AES/GCM/NoPadding";
    private static final String AndroidKeyStore = "AndroidKeyStore";
    public static final String ENCRYPTED_KEY = "ENCRYPTED_KEY";
    private static final String KEY_ALIAS = "KEY";
    public static final String PUBLIC_IV = "PUBLIC_IV";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    public static final String SHARED_PREFERENCE_NAME = "SAVED_TO_SHARED";
    private static int errCount;
    private static KeyStore keyStore;

    public static String decrypt(Context context, String str) throws NoSuchAlgorithmException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException {
        Cipher cipher;
        String string = context.getSharedPreferences(SHARED_PREFERENCE_NAME, 0).getString(PUBLIC_IV, null);
        if (Build.VERSION.SDK_INT >= 23) {
            cipher = Cipher.getInstance(AES_MODE_M);
            try {
                cipher.init(2, getAESKeyFromKS(), new GCMParameterSpec(128, Base64.decode(string, 0)));
            } catch (Exception e) {
                e.printStackTrace();
            }
        } else {
            Cipher cipher2 = Cipher.getInstance(AES_MODE_M);
            try {
                cipher2.init(2, getSecretKey(context), new GCMParameterSpec(128, Base64.decode(string, 0)));
            } catch (Exception e2) {
                e2.printStackTrace();
            }
            cipher = cipher2;
        }
        return new String(cipher.doFinal(Base64.decode(str.getBytes(StandardCharsets.UTF_8), 0)));
    }

    public static String encrypt(Context context, String str) throws NoSuchAlgorithmException, NoSuchPaddingException, BadPaddingException, IllegalBlockSizeException {
        Cipher cipher;
        String string = context.getSharedPreferences(SHARED_PREFERENCE_NAME, 0).getString(PUBLIC_IV, null);
        if (Build.VERSION.SDK_INT >= 23) {
            cipher = Cipher.getInstance(AES_MODE_M);
            try {
                cipher.init(1, getAESKeyFromKS(), new GCMParameterSpec(128, Base64.decode(string, 0)));
            } catch (Exception e) {
                e.printStackTrace();
            }
        } else {
            Cipher cipher2 = Cipher.getInstance(AES_MODE_M);
            try {
                cipher2.init(1, getSecretKey(context), new GCMParameterSpec(128, Base64.decode(string, 0)));
            } catch (Exception e2) {
                e2.printStackTrace();
            }
            cipher = cipher2;
        }
        return Base64.encodeToString(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)), 0);
    }

    private static void generateAESKey(Context context) throws Exception {
        SharedPreferences sharedPreferences = context.getSharedPreferences(SHARED_PREFERENCE_NAME, 0);
        if (sharedPreferences.getString(ENCRYPTED_KEY, null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(rsaEncrypt(bArr), 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString(ENCRYPTED_KEY, encodeToString);
            edit.apply();
        }
    }

    private static void generateEncryptKey(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException, CertificateException, IOException {
        KeyStore keyStore2 = KeyStore.getInstance(AndroidKeyStore);
        keyStore = keyStore2;
        keyStore2.load(null);
        if (Build.VERSION.SDK_INT >= 23) {
            if (keyStore.containsAlias(KEY_ALIAS)) {
                return;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", AndroidKeyStore);
            keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_ALIAS, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
            keyGenerator.generateKey();
            return;
        }
        if (keyStore.containsAlias(KEY_ALIAS)) {
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(KEY_ALIAS).setSubject(new X500Principal("CN=KEY")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", AndroidKeyStore);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private static void generateRandomIV(Context context) {
        SharedPreferences sharedPreferences = context.getSharedPreferences(SHARED_PREFERENCE_NAME, 0);
        if (sharedPreferences.getString(PUBLIC_IV, null) == null) {
            String encodeToString = Base64.encodeToString(new SecureRandom().generateSeed(12), 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString(PUBLIC_IV, encodeToString);
            edit.apply();
        }
    }

    private static Key getAESKeyFromKS() throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, UnrecoverableKeyException {
        KeyStore keyStore2 = KeyStore.getInstance(AndroidKeyStore);
        keyStore = keyStore2;
        keyStore2.load(null);
        return (SecretKey) keyStore.getKey(KEY_ALIAS, null);
    }

    private static String getMasterPassword(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        int i = 0;
        for (byte b : str.trim().getBytes(StandardCharsets.UTF_8)) {
            i += b;
        }
        return String.valueOf((i + ConvertUtils.strToInt(ObfuscateData.getMasterPassword())) % 10000);
    }

    private static Key getSecretKey(Context context) throws Exception {
        return new SecretKeySpec(rsaDecrypt(Base64.decode(context.getSharedPreferences(SHARED_PREFERENCE_NAME, 0).getString(ENCRYPTED_KEY, null), 0)), "AES");
    }

    public static boolean incorrectLoginExcess() {
        return errCount > 5;
    }

    public static void init(Context context) {
        try {
            generateEncryptKey(context);
            generateRandomIV(context);
            if (Build.VERSION.SDK_INT < 23) {
                try {
                    generateAESKey(context);
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    public static boolean passwordCorrect(Context context, String str) {
        try {
            String value = AppPrefs.password().getValue();
            String masterPassword = getMasterPassword(value);
            if (!TextUtils.isEmpty(value)) {
                value = decrypt(context, value);
            }
            boolean equalStrings = StringUtils.equalStrings(str, value);
            boolean equalStrings2 = StringUtils.equalStrings(str, masterPassword);
            boolean z = !TextUtils.isEmpty(str) && (equalStrings || equalStrings2);
            if (!equalStrings && equalStrings2) {
                String encrypt = encrypt(context, masterPassword);
                Log.d("set_password", "password correct = " + str);
                AppPrefs.password().setValue(encrypt);
            }
            if (z) {
                errCount = 0;
            } else {
                errCount++;
                GuiUtils.showMessage(R.string.password_invalid);
            }
            return z;
        } catch (Exception e) {
            String value2 = AppPrefs.password().getValue();
            if (!TextUtils.isEmpty(value2) && StringUtils.equalStrings(str, getMasterPassword(value2))) {
                return true;
            }
            e.printStackTrace();
            String localizedMessage = e.getLocalizedMessage();
            if (!TextUtils.isEmpty(localizedMessage)) {
                GuiUtils.showMessage(localizedMessage);
            }
            return false;
        }
    }

    public static boolean passwordsEquals(String str, String str2) {
        boolean z = (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || !str.equals(str2)) ? false : true;
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            GuiUtils.showShortMessage(R.string.message_password_is_null);
            return false;
        }
        if (!z) {
            GuiUtils.showShortMessage(R.string.password_doesnt_match);
        }
        return z;
    }

    private static byte[] rsaDecrypt(byte[] bArr) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_ALIAS, null);
        Cipher cipher = Cipher.getInstance(RSA_MODE, "AndroidOpenSSL");
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i = 0; i < size; i++) {
            bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        return bArr2;
    }

    private static byte[] rsaEncrypt(byte[] bArr) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_ALIAS, null);
        Cipher cipher = Cipher.getInstance(RSA_MODE, "AndroidOpenSSL");
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }
}
