package com.pdf.reader.editor.fill.sign.Util;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.itextpdf.text.pdf.security.DigestAlgorithms;
import com.itextpdf.text.pdf.security.SecurityConstants;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes6.dex */
public class FASDataSecurity {
    private static final String AES_ENCRYPTION_ALGORITHM = "AES";
    private static final String AES_ENCRYPTION_ALGORITHM_WITH_MODE_AND_PADDING = "AES/CBC/PKCS5Padding";
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String KEY_ALIAS = "AdobeFillAndSign";
    static IvParameterSpec ivSpec;
    static byte[] staticIV = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    private KeyStore mAndroidKeyStore;
    private Context mContext;
    private KeyStore mLocalKeyStore;
    private SecretKeySpec mSecretKeySpec = null;

    public FASDataSecurity(Context context) {
        this.mContext = context;
        loadRSAKeyStore();
        getKeySpec();
    }

    private String decryptPasswordString(String str) {
        try {
            return decryptPasswordString(str, loadPrivateKey());
        } catch (Exception unused) {
            return "";
        }
    }

    private String decryptPasswordString(String str, Key key) {
        byte[] decode = Base64.decode(str, 0);
        try {
            Cipher cipher = getCipher();
            cipher.init(2, key);
            return new String(cipher.doFinal(decode));
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    private String encryptPasswordString(String str) {
        try {
            return encryptPasswordString(str, loadPublicKey());
        } catch (Exception unused) {
            return "";
        }
    }

    private String encryptPasswordString(String str, Key key) {
        try {
            Cipher cipher = getCipher();
            cipher.init(1, key);
            return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    private Cipher getCipher() throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException {
        return Build.VERSION.SDK_INT < 23 ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding");
    }

    private IvParameterSpec getIvSpec() {
        if (ivSpec == null) {
            ivSpec = new IvParameterSpec(staticIV);
        }
        return ivSpec;
    }

    private void getKeySpec() {
        try {
            char[] charArray = getPassword().toCharArray();
            FileInputStream fileInputStream = null;
            if (this.mContext.getFileStreamPath("keyStoreName").exists()) {
                this.mLocalKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                try {
                    fileInputStream = this.mContext.openFileInput("keyStoreName");
                } catch (Exception e) {
                    e.printStackTrace();
                }
                this.mLocalKeyStore.load(fileInputStream, charArray);
                this.mSecretKeySpec = new SecretKeySpec(((SecretKey) this.mLocalKeyStore.getKey(KEY_ALIAS, charArray)).getEncoded(), AES_ENCRYPTION_ALGORITHM);
                return;
            }
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                this.mLocalKeyStore = keyStore;
                keyStore.load(null);
                SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
                secureRandom.setSeed("any data used as random seed".getBytes());
                KeyGenerator keyGenerator = KeyGenerator.getInstance(AES_ENCRYPTION_ALGORITHM);
                keyGenerator.init(256, secureRandom);
                SecretKey generateKey = keyGenerator.generateKey();
                this.mLocalKeyStore.setKeyEntry(KEY_ALIAS, generateKey, charArray, null);
                this.mSecretKeySpec = new SecretKeySpec(generateKey.getEncoded(), AES_ENCRYPTION_ALGORITHM);
                FileOutputStream openFileOutput = this.mContext.openFileOutput("keyStoreName", 0);
                this.mLocalKeyStore.store(openFileOutput, charArray);
                openFileOutput.close();
                return;
            } catch (Exception e2) {
                e2.printStackTrace();
                return;
            }
        } catch (Exception e3) {
            e3.printStackTrace();
        }
        e3.printStackTrace();
    }

    private AlgorithmParameterSpec getKeySpecM(Calendar calendar, Calendar calendar2) {
        return new KeyGenParameterSpec.Builder(KEY_ALIAS, 3).setDigests("SHA-256", DigestAlgorithms.SHA512).setEncryptionPaddings("PKCS1Padding").setBlockModes("ECB").setKeySize(1024).setCertificateSubject(new X500Principal(String.format("CN=%s, OU=%s", KEY_ALIAS, this.mContext.getPackageName()))).setCertificateSerialNumber(BigInteger.ONE).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).build();
    }

    private AlgorithmParameterSpec getKeySpecPreM(Calendar calendar, Calendar calendar2) {
        return new KeyPairGeneratorSpec.Builder(this.mContext).setAlias(KEY_ALIAS).setKeySize(1024).setSubject(new X500Principal(String.format("CN=%s, OU=%s", KEY_ALIAS, this.mContext.getPackageName()))).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
    }

    private String getPassword() {
        SharedPreferences sharedPreferences = this.mContext.getSharedPreferences(ANDROID_KEYSTORE, 0);
        if (sharedPreferences.contains(KEY_ALIAS)) {
            return decryptPasswordString(sharedPreferences.getString(KEY_ALIAS, ""));
        }
        String valueOf = String.valueOf(new Random().nextInt(90000) + 10000);
        String encryptPasswordString = encryptPasswordString(valueOf);
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.putString(KEY_ALIAS, encryptPasswordString);
        edit.commit();
        return valueOf;
    }

    private Key loadPrivateKey() throws Exception {
        if (this.mAndroidKeyStore.containsAlias(KEY_ALIAS)) {
            return this.mAndroidKeyStore.getKey(KEY_ALIAS, null);
        }
        return null;
    }

    private Key loadPublicKey() throws Exception {
        if (this.mAndroidKeyStore.containsAlias(KEY_ALIAS)) {
            return this.mAndroidKeyStore.getCertificate(KEY_ALIAS).getPublicKey();
        }
        return null;
    }

    private void loadRSAKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
            this.mAndroidKeyStore = keyStore;
            keyStore.load(null);
            generateNewKeyPair();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public String decryptString(String str) {
        if (str.equals("")) {
            return "";
        }
        byte[] bArr = null;
        boolean z = false;
        byte[] decode = Base64.decode(str, 0);
        try {
            Cipher cipher = Cipher.getInstance(AES_ENCRYPTION_ALGORITHM_WITH_MODE_AND_PADDING);
            cipher.init(2, this.mSecretKeySpec, getIvSpec());
            bArr = cipher.doFinal(decode);
        } catch (Exception e) {
            e.printStackTrace();
            z = true;
        }
        if (z) {
            try {
                Cipher cipher2 = Cipher.getInstance(AES_ENCRYPTION_ALGORITHM);
                cipher2.init(2, this.mSecretKeySpec);
                bArr = cipher2.doFinal(decode);
            } catch (Exception e2) {
                e2.printStackTrace();
                return "";
            }
        }
        return new String(bArr);
    }

    public String encryptString(String str) {
        if (str.equals("")) {
            return "";
        }
        try {
            Cipher cipher = Cipher.getInstance(AES_ENCRYPTION_ALGORITHM_WITH_MODE_AND_PADDING);
            cipher.init(1, this.mSecretKeySpec, getIvSpec());
            return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
        } catch (Exception e) {
            e.printStackTrace();
            return "";
        }
    }

    public void generateNewKeyPair() {
        try {
            if (this.mAndroidKeyStore.containsAlias(KEY_ALIAS)) {
                return;
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 20);
            AlgorithmParameterSpec keySpecPreM = Build.VERSION.SDK_INT < 23 ? getKeySpecPreM(calendar, calendar2) : getKeySpecM(calendar, calendar2);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConstants.RSA, ANDROID_KEYSTORE);
            keyPairGenerator.initialize(keySpecPreM);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
