package com.huawei.networkenergy.appplatform.logical.crypto;

import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import com.huawei.inverterapp.sun2000.modbus.service.csv.CSVWriter;
import com.huawei.inverterapp.sun2000.wifi.socket.util.CharsetUtil;
import com.huawei.networkenergy.appplatform.common.log.Log;
import com.huawei.secure.android.common.encrypt.keystore.rsa.RSAEncryptKS;
import com.huawei.secure.android.common.util.HexUtil;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* compiled from: TbsSdkJava */
/* loaded from: classes2.dex */
class RsaEncryptKsByPlatform {
    private static final String EMPTY = "";
    private static final int KEY_LENGTH = 2048;
    private static final String RSA_MODE_OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    private static final String TAG = "RSAEncryptKS";

    RsaEncryptKsByPlatform() {
    }

    public static String decrpyt(Context context, String str, String str2) {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            Log.error(TAG, "alias or encrypted content is null");
            return "";
        }
        try {
            PrivateKey privateKey = getPrivateKey(context, str);
            if (privateKey == null) {
                Log.error(TAG, "Private key is null");
                return "";
            }
            Cipher cipher = Cipher.getInstance(RSA_MODE_OAEP);
            cipher.init(2, privateKey, new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec(McElieceCCA2KeyGenParameterSpec.SHA1), PSource.PSpecified.DEFAULT));
            return new String(cipher.doFinal(Base64.decode(str2, 0)), CharsetUtil.CHARASET_UTF_8);
        } catch (UnsupportedEncodingException | GeneralSecurityException e2) {
            Log.error(TAG, "RSA decrypt exception : " + e2.getMessage());
            return "";
        }
    }

    public static String encrypt(Context context, String str, String str2) {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            Log.error(TAG, "alias or content is null");
            return "";
        }
        try {
            PublicKey publicKey = getPublicKey(context, str);
            if (publicKey == null) {
                Log.error(TAG, "Public key is null");
                return "";
            }
            Cipher cipher = Cipher.getInstance(RSA_MODE_OAEP);
            cipher.init(1, publicKey, new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec(McElieceCCA2KeyGenParameterSpec.SHA1), PSource.PSpecified.DEFAULT));
            return Base64.encodeToString(cipher.doFinal(str2.getBytes(CharsetUtil.CHARASET_UTF_8)), 0);
        } catch (Exception e2) {
            Log.error(TAG, "RSA encrypt exception : " + e2.getMessage());
            return "";
        }
    }

    public static Certificate[] generateCert(KeyPair keyPair) throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        return new Certificate[0];
    }

    public static KeyPair generateKeyPair(Context context, String str) {
        if (keyPairExists(context, str)) {
            Log.error(TAG, "Key pair exits");
            return null;
        }
        try {
            Log.info(TAG, "generate key pair.");
            KeyStore keyStore = getKeyStore(context);
            String keyStorePath = EncryptCommon.getKeyStorePath(context);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            keyStore.setKeyEntry(str, generateKeyPair.getPrivate(), null, generateCert(generateKeyPair));
            EncryptCommon.saveKeyStore(keyStore, keyStorePath);
            return generateKeyPair;
        } catch (Exception e2) {
            Log.error(TAG, "generateKeyPair exception: " + e2.getMessage());
            return null;
        }
    }

    public static KeyStore getKeyStore(Context context) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        return EncryptCommon.loadKeyStore(context);
    }

    static PrivateKey getPrivateKey(Context context, String str) {
        if (!keyPairExists(context, str)) {
            return null;
        }
        try {
            return (PrivateKey) getKeyStore(context).getKey(str, null);
        } catch (IOException | GeneralSecurityException e2) {
            Log.error(TAG, "get private key exception : " + e2.getMessage());
            return null;
        }
    }

    static PublicKey getPublicKey(Context context, String str) {
        if (!keyPairExists(context, str)) {
            generateKeyPair(context, str);
        }
        Certificate loadCertificate = loadCertificate(context, str);
        if (loadCertificate != null) {
            return loadCertificate.getPublicKey();
        }
        return null;
    }

    private static String getPublicKeyAlias(String str) {
        return str;
    }

    private static boolean keyPairExists(Context context, String str) {
        try {
            KeyStore keyStore = getKeyStore(context);
            if (keyStore == null) {
                return false;
            }
            return keyStore.getKey(getPublicKeyAlias(str), null) != null;
        } catch (IOException | GeneralSecurityException e2) {
            Log.error(TAG, "key pair exists exciption : " + e2.getMessage());
            return false;
        }
    }

    private static Certificate loadCertificate(Context context, String str) {
        try {
            return getKeyStore(context).getCertificate(str);
        } catch (IOException | GeneralSecurityException e2) {
            Log.error(TAG, "load public key exception : " + e2.getMessage());
            return null;
        }
    }

    public static void printException(Exception exc) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("exception:" + exc.toString() + CSVWriter.DEFAULT_LINE_END_STR);
        for (StackTraceElement stackTraceElement : exc.getStackTrace()) {
            stringBuffer.append(stackTraceElement.getLineNumber() + stackTraceElement.getFileName() + CSVWriter.DEFAULT_LINE_END_STR);
        }
        Log.info(TAG, stringBuffer.toString());
    }

    static byte[] rsaDecryptWithKeyStore(Context context, String str, byte[] bArr) throws UnsupportedEncodingException {
        String str2 = new String(bArr, CharsetUtil.CHARASET_UTF_8);
        return HexUtil.hexStr2ByteArray(true == EncryptCommon.isBuildVersionHigherThan22() ? RSAEncryptKS.decrpyt(str, str2) : decrpyt(context, str, str2));
    }

    static byte[] rsaEncryptWithKeyStore(Context context, String str, byte[] bArr) throws UnsupportedEncodingException {
        String byteArray2HexStr = HexUtil.byteArray2HexStr(bArr);
        return (true == EncryptCommon.isBuildVersionHigherThan22() ? RSAEncryptKS.encrypt(str, byteArray2HexStr) : encrypt(context, str, byteArray2HexStr)).getBytes(CharsetUtil.CHARASET_UTF_8);
    }

    static byte[] rsaWithKeyStore(Context context, String str, byte[] bArr, boolean z) throws UnsupportedEncodingException {
        return z ? rsaEncryptWithKeyStore(context, str, bArr) : rsaDecryptWithKeyStore(context, str, bArr);
    }
}
