package com.amaze.filemanager.utils.security;

import android.app.Application;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.annotation.RequiresApi;
import androidx.preference.PreferenceManager;
import com.amaze.filemanager.application.AppConfig;
import com.amaze.filemanager.filesystem.files.CryptUtil;
import com.hierynomus.sshj.common.KeyAlgorithm;
import com.hierynomus.sshj.transport.cipher.GcmCiphers;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

@Metadata(d1 = {"\u00000\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0002\b\u0004\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0010\u0010\u0006\u001a\u00020\u00072\u0006\u0010\b\u001a\u00020\u0007H\u0002J\u0010\u0010\t\u001a\u00020\u00072\u0006\u0010\n\u001a\u00020\u0007H\u0002J\u0010\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\u000eH\u0003J\b\u0010\u000f\u001a\u00020\u0010H\u0003J\b\u0010\u0011\u001a\u00020\u0010H\u0003J\b\u0010\u0012\u001a\u0004\u0018\u00010\u0010J\b\u0010\u0013\u001a\u00020\fH\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000¨\u0006\u0014"}, d2 = {"Lcom/amaze/filemanager/utils/security/SecretKeygen;", "", "()V", "ALGO_RSA", "", "PREFERENCE_KEY", "decryptAESKey", "", "encodedBytes", "encryptAESKey", "secretKey", "generateRsaKeyPair", "", "context", "Landroid/content/Context;", "getAesSecretKey", "Ljava/security/Key;", "getRsaSecretKey", "getSecretKey", "setKeyPreference", "lib-file-manager_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes2.dex */
public final class SecretKeygen {

    @NotNull
    private static final String ALGO_RSA = "RSA/ECB/PKCS1Padding";

    @NotNull
    public static final SecretKeygen INSTANCE = new SecretKeygen();

    @NotNull
    private static final String PREFERENCE_KEY = "aes_key";

    private SecretKeygen() {
    }

    private final byte[] decryptAESKey(byte[] encodedBytes) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(CryptUtil.KEY_STORE_ANDROID);
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry(CryptUtil.KEY_ALIAS_AMAZE, null);
        Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(ALGO_RSA, "AndroidOpenSSL");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(encodedBytes), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr = new byte[arrayList.size()];
        int size = arrayList.size();
        for (int i5 = 0; i5 < size; i5++) {
            Object obj = arrayList.get(i5);
            Intrinsics.checkNotNullExpressionValue(obj, "bytes[i]");
            bArr[i5] = ((Number) obj).byteValue();
        }
        return bArr;
    }

    private final byte[] encryptAESKey(byte[] secretKey) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(CryptUtil.KEY_STORE_ANDROID);
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry(CryptUtil.KEY_ALIAS_AMAZE, null);
        Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance(ALGO_RSA, "AndroidOpenSSL");
        cipher.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(secretKey);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "byteArrayOutputStream.toByteArray()");
        return byteArray;
    }

    @RequiresApi(api = 18)
    private final void generateRsaKeyPair(Context context) {
        KeyStore keyStore = KeyStore.getInstance(CryptUtil.KEY_STORE_ANDROID);
        keyStore.load(null);
        if (keyStore.containsAlias(CryptUtil.KEY_ALIAS_AMAZE)) {
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KeyAlgorithm.RSA, CryptUtil.KEY_STORE_ANDROID);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(CryptUtil.KEY_ALIAS_AMAZE).setSubject(new X500Principal("CN=AmazeKey")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        Intrinsics.checkNotNullExpressionValue(build, "Builder(context)\n       …\n                .build()");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    @RequiresApi(api = 23)
    private final Key getAesSecretKey() throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(CryptUtil.KEY_STORE_ANDROID);
        keyStore.load(null);
        if (keyStore.containsAlias(CryptUtil.KEY_ALIAS_AMAZE)) {
            Key key = keyStore.getKey(CryptUtil.KEY_ALIAS_AMAZE, null);
            Intrinsics.checkNotNullExpressionValue(key, "{\n            keyStore.g…AS_AMAZE, null)\n        }");
            return key;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", CryptUtil.KEY_STORE_ANDROID);
        KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(CryptUtil.KEY_ALIAS_AMAZE, 3);
        builder.setBlockModes(GcmCiphers.GALOIS_COUNTER_MODE);
        builder.setEncryptionPaddings("NoPadding");
        builder.setRandomizedEncryptionRequired(false);
        keyGenerator.init(builder.build());
        SecretKey generateKey = keyGenerator.generateKey();
        Intrinsics.checkNotNullExpressionValue(generateKey, "{\n            val keyGen…r.generateKey()\n        }");
        return generateKey;
    }

    @RequiresApi(18)
    private final Key getRsaSecretKey() throws GeneralSecurityException, IOException {
        String string = PreferenceManager.getDefaultSharedPreferences(AppConfig.getInstance().getApplication()).getString(PREFERENCE_KEY, null);
        if (string != null) {
            byte[] decode = Base64.decode(string, 0);
            Intrinsics.checkNotNullExpressionValue(decode, "decode(encodedString, Base64.DEFAULT)");
            return new SecretKeySpec(decryptAESKey(decode), "AES");
        }
        Application application = AppConfig.getInstance().getApplication();
        Intrinsics.checkNotNullExpressionValue(application, "getInstance().application");
        generateRsaKeyPair(application);
        setKeyPreference();
        return getRsaSecretKey();
    }

    private final void setKeyPreference() throws GeneralSecurityException, IOException {
        SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(AppConfig.getInstance().getApplication());
        if (defaultSharedPreferences.getString(PREFERENCE_KEY, null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            defaultSharedPreferences.edit().putString(PREFERENCE_KEY, Base64.encodeToString(INSTANCE.encryptAESKey(bArr), 0)).apply();
        }
    }

    @Nullable
    public final Key getSecretKey() {
        return Build.VERSION.SDK_INT >= 23 ? getAesSecretKey() : getRsaSecretKey();
    }
}
