package com.airfrance.android.totoro.util.login;

import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.afklm.mobile.android.gomobile.klm.R;
import com.afklm.mobile.android.travelapi.login.config.TokenAccountManagerConfig;
import com.afklm.mobile.android.travelapi.login.config.TokenStorageConfig;
import com.airfrance.android.totoro.common.util.provider.SharedPreferencesProvider;
import com.airfrance.android.totoro.common.util.provider.StringProvider;
import com.google.android.gms.stats.CodePackage;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;

@Metadata
/* loaded from: classes6.dex */
public final class TokenStorageConfigKt {
    private static final SecretKey a(String str) {
        byte[] decode = Base64.decode(str, 0);
        Intrinsics.g(decode);
        return new SecretKeySpec(b(decode), "AES");
    }

    private static final byte[] b(byte[] bArr) {
        KeyStore e2 = e();
        c(e2);
        KeyStore.Entry entry = e2.getEntry("KLMKeysRSA", null);
        Intrinsics.h(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        return g(new CipherInputStream(new ByteArrayInputStream(bArr), cipher));
    }

    private static final void c(KeyStore keyStore) {
        if (keyStore.containsAlias("KLMKeysRSA")) {
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("KLMKeysRSA", 1).setCertificateSubject(new X500Principal("CN=KLMKeysRSA")).setCertificateSerialNumber(BigInteger.TEN).setKeyValidityStart(calendar.getTime()).setKeyValidityEnd(calendar2.getTime()).build();
        Intrinsics.i(build, "build(...)");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private static final Key d(SharedPreferencesProvider sharedPreferencesProvider) {
        String string = sharedPreferencesProvider.a("com.klm.app.klm-core.general-storage", 0).getString("data_key", null);
        return string == null ? h("KLMKeysAES") : a(string);
    }

    private static final KeyStore e() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Intrinsics.i(keyStore, "apply(...)");
        return keyStore;
    }

    @NotNull
    public static final TokenStorageConfig f(@NotNull StringProvider stringProvider, @NotNull SharedPreferencesProvider sharedPreferencesProvider) {
        Intrinsics.j(stringProvider, "stringProvider");
        Intrinsics.j(sharedPreferencesProvider, "sharedPreferencesProvider");
        return new TokenAccountManagerConfig(stringProvider.b(R.string.account_package), stringProvider.b(R.string.account_id), stringProvider.b(R.string.account_appname), d(sharedPreferencesProvider));
    }

    private static final byte[] g(CipherInputStream cipherInputStream) {
        ArrayList arrayList = new ArrayList();
        int read = cipherInputStream.read();
        while (read != -1) {
            arrayList.add(Byte.valueOf((byte) read));
            read = cipherInputStream.read();
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (int i2 = 0; i2 < size; i2++) {
            bArr[i2] = ((Number) arrayList.get(i2)).byteValue();
        }
        cipherInputStream.close();
        return bArr;
    }

    private static final Key h(String str) {
        KeyStore e2 = e();
        if (e2.containsAlias(str)) {
            Key key = e2.getKey(str, null);
            Intrinsics.g(key);
            return key;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(true).build();
        Intrinsics.i(build, "build(...)");
        keyGenerator.init(build);
        SecretKey generateKey = keyGenerator.generateKey();
        Intrinsics.g(generateKey);
        return generateKey;
    }
}
