package com.nttdocomo.android.openidconnectsdk.auth;

import android.annotation.TargetApi;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.nttdocomo.android.openidconnectsdk.auth.internal.Logger;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;

@TargetApi(23)
/* loaded from: classes24.dex */
public class KeyStoreUtil {
    private static SecretKey a() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder("dac_key_alias", 3).setCertificateSubject(new X500Principal("CN=dac_key_alias")).setCertificateSerialNumber(BigInteger.ONE).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
            return keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException e6) {
            Logger.debugWithStack(e6, "Failed to createAESKey", new Object[0]);
            return null;
        } catch (NoSuchAlgorithmException e7) {
            Logger.debugWithStack(e7, "Failed to createAESKey", new Object[0]);
            return null;
        } catch (NoSuchProviderException e8) {
            Logger.debugWithStack(e8, "Failed to createAESKey", new Object[0]);
            return null;
        }
    }

    private static SecretKey b() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) keyStore.getEntry("dac_key_alias", null);
            return secretKeyEntry == null ? a() : secretKeyEntry.getSecretKey();
        } catch (IOException e6) {
            Logger.debugWithStack(e6, "Failed to getSecretKey", new Object[0]);
            return null;
        } catch (KeyStoreException e7) {
            Logger.debugWithStack(e7, "Failed to getSecretKey", new Object[0]);
            return null;
        } catch (NoSuchAlgorithmException e8) {
            Logger.debugWithStack(e8, "Failed to getSecretKey", new Object[0]);
            return null;
        } catch (UnrecoverableEntryException e9) {
            Logger.debugWithStack(e9, "Failed to getSecretKey", new Object[0]);
            return null;
        } catch (CertificateException e10) {
            Logger.debugWithStack(e10, "Failed to getSecretKey", new Object[0]);
            return null;
        }
    }

    public static String decrypt(String str) {
        try {
            if (TextUtils.isEmpty(str)) {
                Logger.debug("Failed to decrypt:str is null", new Object[0]);
                return null;
            }
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey("dac_key_alias", null);
            if (secretKey == null) {
                Logger.debug("Failed to decrypt:secretKey is null", new Object[0]);
                return null;
            }
            String[] split = str.split("\\.");
            if (split.length != 2) {
                Logger.debug("Failed to decrypt:iv is null", new Object[0]);
                return null;
            }
            IvParameterSpec ivParameterSpec = new IvParameterSpec(Base64.decode(split[1], 2));
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, secretKey, ivParameterSpec);
            return new String(cipher.doFinal(Base64.decode(split[0], 2)));
        } catch (Exception e6) {
            Logger.debugWithStack(e6, "Failed to decrypt", new Object[0]);
            return null;
        }
    }

    public static String encrypt(String str) {
        try {
            if (TextUtils.isEmpty(str)) {
                Logger.debug("Failed to encrypt:str is null", new Object[0]);
                return null;
            }
            byte[] bytes = str.getBytes("UTF-8");
            SecretKey b6 = b();
            if (b6 == null) {
                Logger.debug("Failed to encrypt:secretKey is null", new Object[0]);
                return null;
            }
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(1, b6);
            String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 2);
            byte[] iv = cipher.getIV();
            if (iv == null) {
                Logger.debug("Failed to encrypt:iv is null", new Object[0]);
                return null;
            }
            return encodeToString + "." + Base64.encodeToString(iv, 2);
        } catch (IOException e6) {
            Logger.debugWithStack(e6, "Failed to encrypt", new Object[0]);
            return null;
        } catch (InvalidKeyException e7) {
            Logger.debugWithStack(e7, "Failed to encrypt", new Object[0]);
            return null;
        } catch (NoSuchAlgorithmException e8) {
            Logger.debugWithStack(e8, "Failed to encrypt", new Object[0]);
            return null;
        } catch (BadPaddingException e9) {
            Logger.debugWithStack(e9, "Failed to encrypt", new Object[0]);
            return null;
        } catch (IllegalBlockSizeException e10) {
            Logger.debugWithStack(e10, "Failed to encrypt", new Object[0]);
            return null;
        } catch (NoSuchPaddingException e11) {
            Logger.debugWithStack(e11, "Failed to encrypt", new Object[0]);
            return null;
        }
    }
}
