package com.huawei.smartdc.encryptlib;

import android.app.Application;
import android.os.SystemClock;
import android.text.TextUtils;
import androidx.room.Room;
import com.huawei.smartdc.encryptlib.Encryptor;
import com.huawei.smartdc.encryptlib.database.EncryptDataBase;
import com.huawei.smartdc.encryptlib.database.EncryptedDataEntity;
import com.huawei.smartdc.encryptlib.database.SecretKeyEntity;
import com.huawei.smartdc.encryptlib.util.AESUtils;
import com.huawei.smartdc.encryptlib.util.EncryptUtils;
import e.f.d.e;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes8.dex */
public class EncryptManager {
    private static final long DEFAULT_KEEP_TIME = 86400000;
    private static final String TAG = "EncryptManager";
    private static volatile EncryptManager sInstance;
    private Decryptor mDecryptor;
    private EncryptDataBase mEncryptDatabase;
    private Encryptor mEncryptor;

    /* loaded from: classes8.dex */
    public static class InvalidDataException extends Exception {
        public InvalidDataException() {
            super("data Invalid");
        }
    }

    private EncryptManager() {
        initData();
    }

    private boolean checkNeedUpdateSecretKey(SecretKeyEntity secretKeyEntity) {
        if (secretKeyEntity != null && this.mEncryptor != null && this.mDecryptor != null) {
            return SystemClock.currentThreadTimeMillis() - secretKeyEntity.getUpdateTime() >= secretKeyEntity.getKeepTime();
        }
        e.q(TAG, "checkNeedUpdateSecretKey secretKeyEntity is null");
        return false;
    }

    private String decryptData(EncryptedDataEntity encryptedDataEntity, SecretKeyEntity secretKeyEntity) throws NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, UnrecoverableEntryException, InvalidKeyException {
        return AESUtils.decrypt(encryptedDataEntity.getEncryptdContent(), decryptWorkKey(secretKeyEntity), encryptedDataEntity.getIv());
    }

    private String decryptWorkKey(SecretKeyEntity secretKeyEntity) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, UnrecoverableEntryException {
        return this.mDecryptor.decryptData(secretKeyEntity.getRootSecretAlias(), secretKeyEntity.getEncryptedSecretKey(), secretKeyEntity.getIv(), "AES/GCM/NoPadding");
    }

    private String encryptDataWithWorkKey(String str, String str2, String str3) {
        return AESUtils.encrypt(str, str2, str3);
    }

    public static EncryptManager getInstance() {
        if (sInstance == null) {
            synchronized (EncryptManager.class) {
                if (sInstance == null) {
                    sInstance = new EncryptManager();
                }
            }
        }
        return sInstance;
    }

    private void initData() {
        try {
            this.mDecryptor = new Decryptor();
            this.mEncryptor = new Encryptor();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            e.j(TAG, "EncryptManager exception:" + e2.getMessage());
        }
    }

    private void insertSecretKey(SecretKeyEntity secretKeyEntity) throws InvalidDataException {
        EncryptDataBase encryptDataBase = this.mEncryptDatabase;
        if (encryptDataBase == null) {
            e.q(TAG, "insetSecretKey mEncryptDatabase is null");
        } else {
            if (encryptDataBase.encryptDao().getSecretKeyByAlias(secretKeyEntity.getSecretAlias(), secretKeyEntity.getUserId()) != null) {
                throw new InvalidDataException();
            }
            e.q(TAG, "insertSecretKey");
            this.mEncryptDatabase.encryptDao().insertSecretKey(secretKeyEntity);
        }
    }

    private void updateOldEncryptData(SecretKeyEntity secretKeyEntity, String str) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, UnrecoverableEntryException, InvalidAlgorithmParameterException {
        List<EncryptedDataEntity> encryptDataByWorkKey = this.mEncryptDatabase.encryptDao().getEncryptDataByWorkKey(secretKeyEntity.getSecretAlias(), secretKeyEntity.getUserId());
        if (encryptDataByWorkKey == null || encryptDataByWorkKey.isEmpty()) {
            e.q(TAG, "updateOldEncryptData encryptedDataEntityList is empty");
            return;
        }
        for (EncryptedDataEntity encryptedDataEntity : encryptDataByWorkKey) {
            if (encryptedDataEntity != null) {
                String decryptData = decryptData(encryptedDataEntity, secretKeyEntity);
                if (decryptData != null) {
                    String randomString = EncryptUtils.getRandomString(16);
                    encryptedDataEntity.setEncryptdContent(encryptDataWithWorkKey(decryptData, str, randomString));
                    encryptedDataEntity.setIv(randomString);
                    updateEncryptData(encryptedDataEntity);
                } else {
                    e.e(TAG, "EncryptContent is null");
                }
            }
        }
    }

    public void createSecretKey(String str, String str2, long j2, String str3) throws InvalidDataException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, UnrecoverableEntryException, InvalidAlgorithmParameterException {
        if (EncryptUtils.isParamsNotValid(str, str2, str3)) {
            e.q(TAG, "createSecretKey params not valid");
            return;
        }
        if (this.mEncryptDatabase == null || this.mDecryptor == null || this.mEncryptor == null) {
            e.q(TAG, "createSecretKey mEncryptDatabase or mDecryptor or mEncryptor is null");
            return;
        }
        if (getSecretKeyByAlias(str, str2) != null) {
            e.q(TAG, "createSecretKey work key is exist");
            return;
        }
        Encryptor.EncryptResult encryptNewWorkSecretKey = encryptNewWorkSecretKey(str3, EncryptUtils.getRandomString(16));
        if (encryptNewWorkSecretKey == null) {
            e.q(TAG, "getSecretKeyByAlias newWorkSecretKey is null");
            return;
        }
        SecretKeyEntity secretKeyEntity = new SecretKeyEntity();
        secretKeyEntity.setIv(encryptNewWorkSecretKey.iv);
        secretKeyEntity.setUpdateTime(System.currentTimeMillis());
        secretKeyEntity.setKeepTime(j2);
        secretKeyEntity.setRootSecretAlias(str3);
        secretKeyEntity.setSecretAlias(str);
        secretKeyEntity.setUserId(str2);
        secretKeyEntity.setEncryptedSecretKey(encryptNewWorkSecretKey.encryptString);
        insertSecretKey(secretKeyEntity);
    }

    public void createSecretKey(String str, String str2, String str3) throws InvalidDataException, NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, UnrecoverableEntryException, InvalidKeyException {
        createSecretKey(str, str2, 86400000L, str3);
    }

    public String decryptData(String str, String str2) {
        if (this.mDecryptor == null) {
            e.j(TAG, "decryptData decryptor is null");
            return "";
        }
        if (TextUtils.isEmpty(str)) {
            e.j(TAG, "decryptData encryptedData is empty");
            return "";
        }
        try {
            return this.mDecryptor.decryptData(EncryptConstants.DEFAULT_ALIAS, str, str2, "AES/GCM/NoPadding");
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            e.j(TAG, "encryptText failed:" + e2.getMessage());
            return "";
        }
    }

    public void deleteEncryptDataByKey(String str, String str2) {
        EncryptDataBase encryptDataBase = this.mEncryptDatabase;
        if (encryptDataBase == null) {
            e.q(TAG, "getEncryptDataByKey mEncryptDatabase is null");
            return;
        }
        EncryptedDataEntity encryptDataByKey = encryptDataBase.encryptDao().getEncryptDataByKey(str, str2);
        if (encryptDataByKey == null) {
            return;
        }
        this.mEncryptDatabase.encryptDao().deleteEncryptData(encryptDataByKey);
    }

    public String encryptData(String str, String str2, String str3, String str4) throws InvalidDataException, NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, UnrecoverableEntryException, InvalidKeyException {
        if (EncryptUtils.isParamsNotValid(str, str2, str3, str4)) {
            e.q(TAG, "encryptData params not valid");
            return "";
        }
        if (this.mEncryptDatabase == null || this.mDecryptor == null || this.mEncryptor == null) {
            e.q(TAG, "encryptData mEncryptDatabase or mDecryptor or mEncryptor is null");
            return "";
        }
        SecretKeyEntity secretKeyByAlias = getSecretKeyByAlias(str, str3);
        if (secretKeyByAlias == null) {
            e.q(TAG, "encryptData secretKeyEntity is null");
            return "";
        }
        String decryptWorkKey = decryptWorkKey(secretKeyByAlias);
        String randomString = EncryptUtils.getRandomString(16);
        String encryptDataWithWorkKey = encryptDataWithWorkKey(str2, decryptWorkKey, randomString);
        EncryptedDataEntity encryptedDataEntity = new EncryptedDataEntity();
        encryptedDataEntity.setIv(randomString);
        encryptedDataEntity.setEncryptdContent(encryptDataWithWorkKey);
        encryptedDataEntity.setBusinessKey(str4);
        encryptedDataEntity.setAlias(str);
        encryptedDataEntity.setUserId(str3);
        insertOrUpdateEncryptData(encryptedDataEntity);
        return encryptDataWithWorkKey;
    }

    public Encryptor.EncryptResult encryptNewWorkSecretKey(String str, String str2) {
        try {
            return this.mEncryptor.encryptData(str, str2, "AES/GCM/NoPadding");
        } catch (InvalidAlgorithmParameterException e2) {
            e = e2;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        } catch (InvalidKeyException e3) {
            e = e3;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        } catch (KeyStoreException e4) {
            e = e4;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e5) {
            e.j(TAG, "getNewWorkSecretKey NoSuchAlgorithmException:" + e5.getMessage());
            return null;
        } catch (NoSuchProviderException e6) {
            e = e6;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        } catch (UnrecoverableEntryException e7) {
            e = e7;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        } catch (BadPaddingException e8) {
            e = e8;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        } catch (IllegalBlockSizeException e9) {
            e = e9;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        } catch (NoSuchPaddingException e10) {
            e = e10;
            e.q(TAG, "encryptNewWorkSecretKey" + e.getMessage());
            return null;
        }
    }

    public String getDecryptData(String str, String str2) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, UnrecoverableEntryException, InvalidAlgorithmParameterException {
        EncryptDataBase encryptDataBase = this.mEncryptDatabase;
        if (encryptDataBase == null || this.mDecryptor == null || this.mEncryptor == null) {
            e.q(TAG, "getDecryptData mEncryptDatabase or mDecryptor or mEncryptor is null");
            return "";
        }
        EncryptedDataEntity encryptDataByKey = encryptDataBase.encryptDao().getEncryptDataByKey(str2, str);
        if (encryptDataByKey == null) {
            e.j(TAG, "getDecryptData encryptedDataEntity is null");
            return "";
        }
        SecretKeyEntity secretKeyByAlias = this.mEncryptDatabase.encryptDao().getSecretKeyByAlias(encryptDataByKey.getAlias(), encryptDataByKey.getUserId());
        if (secretKeyByAlias != null) {
            return decryptData(encryptDataByKey, secretKeyByAlias);
        }
        e.j(TAG, "getDecryptData secretKeyEntity is null");
        return "";
    }

    public SecretKeyEntity getSecretKeyByAlias(String str, String str2) throws NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, BadPaddingException, IllegalBlockSizeException, UnrecoverableEntryException, InvalidKeyException {
        EncryptDataBase encryptDataBase = this.mEncryptDatabase;
        if (encryptDataBase == null || this.mDecryptor == null || this.mEncryptor == null) {
            e.q(TAG, "getSecretKeyByAlias mEncryptDatabase or mDecryptor or mEncryptor is null");
            return null;
        }
        SecretKeyEntity secretKeyByAlias = encryptDataBase.encryptDao().getSecretKeyByAlias(str, str2);
        if (checkNeedUpdateSecretKey(secretKeyByAlias)) {
            String randomString = EncryptUtils.getRandomString(32);
            Encryptor.EncryptResult encryptNewWorkSecretKey = encryptNewWorkSecretKey(secretKeyByAlias.getRootSecretAlias(), randomString);
            if (encryptNewWorkSecretKey != null) {
                updateOldEncryptData(secretKeyByAlias, randomString);
                secretKeyByAlias.setIv(encryptNewWorkSecretKey.iv);
                secretKeyByAlias.setEncryptedSecretKey(encryptNewWorkSecretKey.encryptString);
                updateSecretKey(secretKeyByAlias);
            } else {
                e.q(TAG, "getSecretKeyByAlias newWorkSecretKey is null");
            }
        }
        return secretKeyByAlias;
    }

    public void initDataBase(Application application) {
        if (application == null) {
            e.j(TAG, "initDatabase application is null");
        } else {
            this.mEncryptDatabase = (EncryptDataBase) Room.databaseBuilder(application.getApplicationContext(), EncryptDataBase.class, "encryptData.db").allowMainThreadQueries().build();
        }
    }

    public void insertOrUpdateEncryptData(EncryptedDataEntity encryptedDataEntity) {
        EncryptDataBase encryptDataBase = this.mEncryptDatabase;
        if (encryptDataBase == null) {
            e.q(TAG, "insetEncryptData mEncryptDatabase is null");
            return;
        }
        EncryptedDataEntity encryptDataByKey = encryptDataBase.encryptDao().getEncryptDataByKey(encryptedDataEntity.getBusinessKey(), encryptedDataEntity.getUserId());
        if (encryptDataByKey == null) {
            this.mEncryptDatabase.encryptDao().insetEncryptData(encryptedDataEntity);
        } else {
            encryptedDataEntity.setId(encryptDataByKey.getId());
            this.mEncryptDatabase.encryptDao().updateEncryptData(encryptedDataEntity);
        }
    }

    public void updateEncryptData(EncryptedDataEntity encryptedDataEntity) {
        EncryptDataBase encryptDataBase = this.mEncryptDatabase;
        if (encryptDataBase == null) {
            e.q(TAG, "updateEncryptData mEncryptDatabase is null");
        } else {
            encryptDataBase.encryptDao().updateEncryptData(encryptedDataEntity);
        }
    }

    public void updateSecretKey(SecretKeyEntity secretKeyEntity) {
        EncryptDataBase encryptDataBase = this.mEncryptDatabase;
        if (encryptDataBase == null) {
            e.q(TAG, "updateSecretKey mEncryptDatabase is null");
        } else {
            encryptDataBase.encryptDao().updateSecretKey(secretKeyEntity);
        }
    }
}
